...

Tenable SecurityCenter is an enterprise vulnerability management tool that UCI has purchased to expand our vulnerability management initiative campus-wide. SecurityCenter is being offered as a self-service tool that systems administrators, management and business owners can use to track the vulnerability status of their systems as well as track the mitigation progress.

...

Accepting Risk (Won't/Can't fix with no other measures in place to lower risk)

If you are unable to remediate a vulnerability and there are no other measures in place to lower the risk, you can click the "Accept Risk" button on the vulnerability details screen. This opens a new screen where you enter a comment explaining why you are accepting the risk. On this screen you can also set an expiration date for the accepted risk and specify the targets/assets you want to accept the risk on. Once you accept the risk for a vulnerability on a system, the vulnerability is hidden from reports and placed in a repository of accepted risks along with the name of the user who submitted it. The vulnerability stays hidden from reports until the acceptance is deleted or reaches its expiration date, at which point it reappears on reports during the next scan.

Accepted Risk Example: A vulnerability is found on a server that is going to be decommissioned in 2 weeks. You may choose to accept this risk for the remaining two weeks rather than spend time addressing a vulnerability that will be resolved by decommissioning the server.

Recasting Risk (Won't/Can't fix but with other measures in place to lower risk)

If you are unable to remediate a vulnerability but there are other measures in place to lower the risk, you can click the "Recast Risk" button on the vulnerability details screen. This opens a new screen where you can change the vulnerability to a new severity level and add a comment explaining why you are changing it. You can then choose to apply the recast to one or more hosts that have that vulnerability. Once you recast the risk, the vulnerability is re-classified on reports and placed in a repository of recast risks along with the name of the user who submitted it.

Recast Risk Example: A high vulnerability is found on a system regarding FTP; however, to reach that system you have to use VPN and multi-factor authentication, and the system only admits users with appropriate access. There are several layers of protection here that would make it very difficult to exploit. Therefore, you might recast the risk from "high" to "medium".
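The two sections above describe how accepted and recast risks change what a report shows: an accepted risk hides the finding on the chosen targets until it expires or is deleted, while a recast risk keeps the finding visible at a new severity on the chosen hosts, and both are recorded with the submitting user's name and comment. The following is an added example, not code from SecurityCenter or from UCI, that models those rules locally so you can see how a report changes across an expiration date. The findings, plugin IDs, host names, user names and dates are all constructed for the illustration, and the rule that a finding reappears on the scan that falls on the expiration date is an assumption about the page's wording.

```python
from dataclasses import dataclass
from datetime import date
from typing import FrozenSet, List, Optional, Tuple

SEVERITIES = ("info", "low", "medium", "high", "critical")


@dataclass(frozen=True)
class Finding:
    host: str
    plugin_id: int   # constructed plugin number, not a real Nessus plugin ID
    name: str
    severity: str


@dataclass(frozen=True)
class AcceptedRisk:
    plugin_id: int
    hosts: FrozenSet[str]      # targets/assets the acceptance applies to
    submitted_by: str          # recorded so the repository shows who accepted it
    comment: str               # justification entered on the Accept Risk screen
    expires: Optional[date]    # None means the acceptance never expires


@dataclass(frozen=True)
class RecastRisk:
    plugin_id: int
    hosts: FrozenSet[str]      # hosts the recast was applied to
    submitted_by: str
    comment: str
    new_severity: str

    def __post_init__(self):
        if self.new_severity not in SEVERITIES:
            raise ValueError(f"unknown severity: {self.new_severity}")


def build_report(findings: List[Finding], accepted: List[AcceptedRisk],
                 recast: List[RecastRisk], scan_date: date
                 ) -> Tuple[List[Finding], List[Tuple[Finding, AcceptedRisk]]]:
    """Apply accept/recast rules to raw scan findings.

    Returns (visible, hidden): visible findings carry any recast severity,
    hidden findings are paired with the acceptance that suppressed them.
    An acceptance hides a finding only while scan_date < expires (assumed:
    the finding reappears on the scan run on or after the expiration date).
    """
    visible, hidden = [], []
    for f in findings:
        acceptance = next(
            (a for a in accepted
             if a.plugin_id == f.plugin_id and f.host in a.hosts
             and (a.expires is None or scan_date < a.expires)),
            None)
        if acceptance is not None:
            hidden.append((f, acceptance))
            continue
        rc = next((r for r in recast
                   if r.plugin_id == f.plugin_id and f.host in r.hosts), None)
        if rc is not None:
            # Recast: same finding, re-classified severity on this host only
            f = Finding(f.host, f.plugin_id, f.name, rc.new_severity)
        visible.append(f)
    return visible, hidden


# Constructed sample data mirroring the two examples in the text
FINDINGS = [
    Finding("legacy01", 900003, "Outdated TLS library", "critical"),
    Finding("app01", 900002, "FTP service detected", "high"),
    Finding("web02", 900002, "FTP service detected", "high"),
]
ACCEPTED = [
    AcceptedRisk(900003, frozenset({"legacy01"}), "jdoe",
                 "Host decommissioned 2024-06-15; accept until then",
                 expires=date(2024, 6, 15)),
]
RECAST = [
    RecastRisk(900002, frozenset({"app01"}), "asmith",
               "Reachable only via VPN + MFA with restricted access",
               new_severity="medium"),
]


def report_for(scan_iso_date: str):
    """Convenience wrapper: run the sample data for a given scan date."""
    return build_report(FINDINGS, ACCEPTED, RECAST, date.fromisoformat(scan_iso_date))


if __name__ == "__main__":
    for day in ("2024-06-01", "2024-06-15"):
        vis, hid = report_for(day)
        print(f"Scan {day}: visible={[(f.host, f.severity) for f in vis]}, "
              f"hidden={[f.host for f, _ in hid]}")
```

Note that web02 has the same FTP finding as app01 but was not included in the recast, so it stays at high; the recast and the acceptance are scoped to the hosts you select, not to the plugin globally.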

Basic Reporting

Workflow Features

...