Versions Compared

Version Old Version 24 New Version 25
Changes made by

Joshua Drummond

Joshua Drummond

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

 

Table of Contents

...

Tenable SecurityCenter is an enterprise vulnerability management tool that UCI has purchased to expand our vulnerability management initiative campus-wide. SecurityCenter is being offered as a self-service tool that systems administrators, management and business owners can use to track the vulnerability status of their systems as well as track the mitigation progress.

...

In SecurityCenter there are many default template dashboards you can choose from. To add a new dashboard to your dashboard list, navigate to the "Options" button on the dashboard screen. In the drop down select "Add a Dashboard". You will then be taken to a list of templates you can choose from to create a new dashboard. Once added the dashboard will show up in your "Switch Dashboard" or "Manage Dashboard's" lists. 

Managing & Deleting

...

Dashboards

If you would like to remove a dashboard from your "Switch Dashboard" list or delete a dashboard entirely you can navigate to the "Options" button on the dashboard screen. In the drop down select "Manage Dashboards". On the manage dashboard screen you can choose to unpin a dashboard so it no longer appears in your available list of dashboards to view. You can also edit, share and delete dashboards under this screen. 

Viewing My Systems' Vulnerabilities

If you want to take a deeper look at the vulnerabilities within your system there are several different ways to navigate to that data as well as filter & sort it to meet your criteria. 

...

Once you have used filter's to narrow down your search criteria you can save these settings into a query so that it can be used for future searches. From the screen that you have all the filters set on navigate to "Options" in the upper right hand corner and choose "Save Query" from the drop down menu. You will be prompted to enter a name for your query and once saved this query can be located in the menu bar from "Analysis" -> "Queries".

Viewing My World Reachable Systems' Vulnerabilities (Loading a Pre-Defined Query)

As part of an OIT Security Team initiative in late 2015 we are running weekly vulnerability scans of the campus systems that are open through our campus border firewall, meaning they are accessable accessible from the world. Since these particular systems have high visibility they could potentially be at a higher risk for exploitation. As such we have made it easy for users of SecurityCenter to narrow down their vulnerability search criteria to just these systems in order to quickly address any vulnerabilities on these systems. This is a query that we have already created for you. To load this query simply navigate to the "Vulnerability Analysis" screen and expand out the "Filters" section. Choose "Load Query" from the bottom of the filter's and select "Systems Open at Campus Border (World Reachable)" from the list. This will display only the systems that belong to your group that are world reachable. 

Understanding My Systems' Vulnerabilities

Once you have narrowed down your search criteria you can navigate into a particular vulnerability to find out more detailed information regarding what the vulnerability scan discovered. Within the vulnerability detailed screen you will see several sub-areas with more detailed information. 

...

Explains when a patch was published for this vulnerability and also details if an exploit is currently available for this vulnerability, if an exploit is available it will also detail what it can be exploited with ex. Malware

Plugin Details

This is an interal internal Tenable designation that will tell you the number assigned to this vulnerability within Tenable as well as when it was published to SecurityCenter and last updated. 

...

Links to outside sources with more information regarding this specfic vulnerabilitiesspecific vulnerability

Addressing Vulnerabilities

Once you have analysised analyzed the data provided from the vulnerability scan there are three main options for addressing the vulnerability. 

...

Reporting can be used if you wish to send vunerability vulnerability snapshots to someone who is not using SecurityCenter dashboards. Reporting can be accessed by going to "Reporting" drop down from the main menu bar. Within the "Reports" area you can choose to add a new report from hundreds of templates, or you can choose to create a custom report. While creating the report you can also choose if you want to run the report on all the systems in your group or just a particular asset or host. Once the report is created it will show in a list under "Reports", you then have an option to "Run" the report, results from the report being run will be placed in "Reporting" -> "Report Results". 

...

From the main menu bar under "Workflow" -> "Accepted Risks" or "Recast Risks" you can view the list of currently created rules or accepted or re-cast risks. This enables useres users to obtain information on what particular vulnerabilities or hosts have been declared accepted or re-cast as well as who created the rule and any comments that were put in regarding the rule. 

...