User Interface. An Introductory Guide

Similar documents
Scanning-Less Scanning. Installation Guide

Event Notifications Quick Start Guide

Chapter 5: Vulnerability Analysis

Tenable.io User Guide. Last Revised: November 03, 2017

ForeScout Extended Module for Qualys VM

10 FOCUS AREAS FOR BREACH PREVENTION

ForeScout Extended Module for Tenable Vulnerability Management

Reinvent Your 2013 Security Management Strategy

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

8 Must Have. Features for Risk-Based Vulnerability Management and More

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

ForeScout Extended Module for ServiceNow

How to construct a sustainable vulnerability management program

ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0

Managing Microsoft 365 Identity and Access

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Payment Card Industry (PCI) Executive Report 11/07/2017

Skybox Security Vulnerability Management Survey 2012

WhatsConfigured v3.1 User Guide

Think Like an Attacker

Scan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):

How-to Guide: Tenable Nessus for BeyondTrust. Last Revised: November 13, 2018

Qualys Cloud Platform

Analysis and Reports. Safety Event Manager with QPrecision

Cybersecurity The Evolving Landscape

During security audits, over 15,000 vulnerability assessments are made, scanning the network IP by IP.

TRIPWIRE VULNERABILITY RISK METRICS CONNECTING SECURITY TO THE BUSINESS

ForeScout Extended Module for ServiceNow

Monitoring the Device

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

Security and Compliance Suite Rollout Guide. July 19, 2017

IBM Security AppScan Enterprise v9.0.1 Importing Issues from Third Party Scanners

Total Protection for Compliance: Unified IT Policy Auditing

SECURITY AUTOMATION BEST PRACTICES. A Guide to Making Your Security Team Successful with Automation

PROFESSIONAL SERVICES (Solution Brief)

Vulnerability Management From B Movie to Blockbuster Rahim Jina

SECURITY AUTOMATION BEST PRACTICES. A Guide on Making Your Security Team Successful with Automation SECURITY AUTOMATION BEST PRACTICES - 1

SecOps : Security Operations. Saurav Sinha Head of Presales India

EFFECTIVE VULNERABILITY MANAGEMENT USING QUALYSGUARD 1

Turn-key Vulnerability Management

Think Like an Attacker

Cyber security tips and self-assessment for business

Everything visible. Everything secure.

How-to Guide: Tenable.io for Lieberman. Last Revised: August 14, 2018

OnCommand Insight 7.2

PRISM - FHF The Fred Hollows Foundation

hidden vulnerabilities

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

Measuring Critical Communications Effectiveness: An Analysis of Private Sector Broadcast Confirmation Data

Data Breach Risk Scanning and Reporting

Security Automation Best Practices

Admin Plus Pack Option. ExecView Web Console. Backup Exec Admin Console

University of Pittsburgh Security Assessment Questionnaire (v1.7)

Cisco Threat Awareness Service - Quick Start Guide. Last Updated: 16/06/16

Payment Card Industry (PCI) Executive Report 11/01/2016

OnCommand Insight 7.1 Planning Guide

Tripwire State of Cyber Hygiene Report

Web Applications Security. Radovan Gibala F5 Networks

GOING WHERE NO WAFS HAVE GONE BEFORE

SIEM: Five Requirements that Solve the Bigger Business Issues

McAfee Database Security Insights

SpamCheetah manual. By implementing protection against botnets we can ignore mails originating from known Bogons and other sources of spam.

Risk Intelligence. Quick Start Guide - Data Breach Risk

Interface reference. McAfee Policy Auditor Interface Reference Guide. Add Service Level Agreement page

7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

ForeScout Extended Module for Advanced Compliance

WHITEHAT SECURITY. T.C. NIEDZIALKOWSKI Technical Evangelist. DECEMBER 2012

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

Sophos Mobile. startup guide. Product Version: 8.1

Merchant Certificate of Compliance

Qualys 8.7 Release Notes

locuz.com SOC Services

ClientNet Admin Guide. Boundary Defense for


Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

Turn-key Vulnerability Management

Community Edition Getting Started Guide. July 25, 2018

IT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,

User Guide. Version R95. English

Department of Management Services REQUEST FOR INFORMATION

Introduction E-mark Mail

Cyber Hygiene: Uncool but necessary. Automate Endpoint Patching to Mitigate Security Risks

IC L19 - Consolidate Information from across your Infrastructure to create a custom report for PCI DSS Hands-On Lab

See What You ve Been Missing

IBM Proventia Management SiteProtector Sample Reports

CounterACT VMware vsphere Plugin

Objectives of the Security Policy Project for the University of Cyprus

PCI Compliance Assessment Module with Inspector

Office 365 Buyers Guide: Best Practices for Securing Office 365

IBM Global Technology Services May IBM Internet Security Systems Proventia Management SiteProtector system version 2.0, SP 7.

GDPR: An Opportunity to Transform Your Security Operations

CyberSecurity. Penetration Testing. Penetration Testing. Contact one of our specialists for more information CYBERSECURITY SERVICE DATASHEET

WhatsConfigured for WhatsUp Gold 2016 User Guide

Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches

CAN MICROSOFT HELP MEET THE GDPR

PrecisionAccess Trusted Access Control

Continuously Discover and Eliminate Security Risk in Production Apps

OpenManage Power Center Demo Guide for

Transcription:

User Interface An Introductory Guide Last update: 18 May 2017

Index Introduction 3 Vulnerability Database 4 Overview 5 Targets 6 Findings 7 Vulnerability Details 8 Risk Acceptance 9 Network Interface Configuration 10 Target Management 10 Scan Scheduling 11 Scan Schedules 12 Scan Schedule Settings Advanced 12 Scan Schedule Settings Discovery 13 Scan Policies 13 Scan Status 14 Scan History 14 Automating Reports 15 Customizing Reports Based on Findings 15 Customizing Reports Based on Solutions 16 Customizing Reports Based on Delta 17 Exporting Reports 18 Updates 18 Recipient Details 19 Access User Management 19 Custom Attributes System Owner 20 Ticketing Systems 20 2/28 Outpost24 User interface Q1 2017

INTRODUCTION Outpost24 is a leading Vulnerability Management company focused on enabling its customers to achieve maximum value from their evolving technology investments. By delivering insights that reduce vulnerabilities and attack surface for any architecture, Outpost24 customers continuously improve their security posture with low effort. Over 2,000 customers in more than 40 countries around the world trust Outpost24 to inspect their devices, networks, and web applications and report compliance status to government, industry sector, or internal regulations. Founded in 2001, Outpost24 serves leading organisations across a wide range of segments including financial and insurance, government, healthcare, retail, telecommunications, technology, and manufacturing. Our product supports two-factor authentication. On HIABs, we also support SAML for integration to single sign-on systems. 3/28 Outpost24 User interface screenshots Q1 2017

User Interface Introduction VULNERABILITY DATABASE Outpost24 s solution can test everything that contains an IP address or a Hostname. It also provides top 10 solutions. By following the given solutions, user can drastically reduce the vulnerabilities. It is consolidating based on product. Outpost24 s vulnerability database contains 100,000+ checks for all types of vulnerabilities, operating systems, services, software vulnerabilities, misconfigurations and weak passwords, etc. It is also possible to make a search query for a product you have not added to your network yet, that way you can see if it is supported in our vulnerability database. The Dashboard provides a clear understanding of vulnerability situation with a crisp graphical interface. Our product supports two-factor authentication. On HIABs, we also support SAML for integration to single sign-on systems. 4/28 Outpost24 User interface screenshots Q1 2017

Trend: The graph gives you a visible representation so you quickly can see if your security is improving. Top solutions: The graph and list shows where you will get the most value for your effort. In this example, updating Java will fix 633 vulnerabilities alone. OVERVIEW The Dashboard provides a clear understanding of vulnerability situation with a crisp graphical interface. The User Interface contains a detailed dashboard, suitable for both management and operational staff. It is possible to generate both detailed and high-level overviews of the risks on the network, in connection with risk level, target group, type of vulnerability, and system type (windows, apache etc.). It s also possible to track the remediation process by setting a maximum number of days per risk level. Furthermore it shows the top 10 most effective solutions and how many percentage will be remediated by solving these. It also provides top 10 solutions. By following the given solutions, user can drastically reduce the vulnerabilities. It is consolidating based on product. For example, 10 days for high, 20 days for medium and 30 days for low risks. If risks are not mitigated before the established time limit, users will receive a notification regarding the outstanding risks. The vulnerability trend has been updated, it is now taking snapshots over time to precalculate data. These snapshots are not affected by deleting old reports or changing risk levels. 5/28 Outpost24 User interface screenshots Q1 2017

Risk Summary Graphs: The three graphs show the percentage of devices that have high, medium and low risk vulnerabilities. TARGETS This dashboard gives you a quick overview over the most vulnerable targets, it also provides the information about targets with vulnerabilities that have public/known exploits. Focusing on these will minize your attack surface. The most vulnerable target is found at the top of the list, simply removing the top target from the network would solve 450 high risk vulnerabilities. The Dashboard targets also details how many of the devices have vulnerabilities that fall into the high, medium or low risk categories. A single device may or may not have both high, medium and low risk vulnerabilities, therefor adding the three numbers up doesn t equate to 100% 6/28 Outpost24 User interface screenshots Q1 2017

Latest findings: Vulnerabilities that have been just discovered Top Products: How vulnerable is a product used in your organization. It could be worth considering hiring a specialist to fix these vulnerabilities. Top aging findings: People tend to focus on new vulnerabilities and these older vulnerabilities could be just as serious. FINDINGS Furthermore, this dashboard gives you a quick overview over the most valuable targets. Focusing on these targets will minimize your attack surface. 7/28 Outpost24 User interface screenshots Q1 2017

VULNERABILITY DETAILS An overview of vulnerabilities is provided per target, rated with a CVSS v2 score and divided by risk level. The following information is provided on each vulnerability: finding information, a summary of the vulnerability, possible solutions, the related CVE number, CVSS information, history and different links to the website of the vendor or a website with more information. 8/28 Outpost24 User interface screenshots Q1 2017

RISK ACCEPTANCE If you have a device with a vulnerability you know you can t fix. User can accept a risk of this vulnerability for any number of days. The accepted risks show up in the finding information and in the exported reports. User can set to allow it forever and can also add a comment why it has been accepted. 9/28 Outpost24 User interface screenshots Q1 2017

NETWORK INTERFACE CONFIGURATION Outpost24 s solutions support all well known and commonly used platforms for scanning. It supports VLAN tagging and can scan any IP that is reachable from it s network location. Advanced network settings include VLAN, VLAN Trunking (802.1Q) and traffic shaping, such as bandwidth limiting. When scanning large networks, all other units can be managed from the central system, including updates and status monitoring. This also allows settings for remote management, network analysis tools for configuration and trouble shooting as well as custom configuration of host information for test networks without DHCP. TARGET MANAGEMENT With Outpost24 s solution, it is possible to create an unlimited amount of target groups (i.e. workstations / servers ) and fill them with targets (IP adresses / hostnames). You can also add a single target to multiple target groups. The user will be able to create lists by customizing attributes. This could be creating a dynamic list of targets with a certain vulnerability, or service such as Microsoft products. 10/28 Outpost24 User interface screenshots Q1 2017

SCAN SCHEDULING Outpost24 s solution has a license to run scans with an unlimited frequency. Different scan schedules can be defined with different scan frequencies. For example, weekly scans of workstations, ad hoc scans of test environment and daily scans of critical systems. It is also possible to create a long scan divided over several days so it doesn t interfere with business hours. 11/28 Outpost24 User interface screenshots Q1 2017

SCAN SCHEDULES It is possible to define different scan schedules fitted to your needs/requirements, and run them parallelly (or at the same time). SCAN SCHEDULE SETTINGS ADVANCED Users can define a scan window per scan job. For example, a scan job runs from 18:00-20:00 on Monday, if it is not finished, the scan will continue from 18:00-20:00 on Tuesday and so on until it is completed. 12/28 Outpost24 User interface screenshots Q1 2017

SCAN SCHEDULE SETTINGS DISCOVERY It is possible to schedule different discovery scans. For example, if you have a dynamic environment and you want to be sure that you don t miss a target when you perform a vulnerability scan, you schedule a discovery scan. Add an IP range (or different ranges) and perform the discovery scan. Filters are available for any data field. For example, results can be filtered by risk level or ticket owner. This will provide an overview of all the active IP addresses within scope. You can either manually start a vulnerability scan on the found IP addresses, or schedule it to run automatically as soon as the discovery scan is finished. IP addreses that are found can be manually added to target groups or automatically assigned to a target group. SCAN POLICIES Outpost24 solutions also include scan policies for various scan purposes allowing a lot of flexibility in types of policies to suite your needs. There are both predefined standard scan policies, and tools to create your own policy. The predefined scan policies are: Normal, Normal + web app checks, New checks, New checks and most recent findings, Port scan, PCI (preview) and Unsafe. Our Hacker Toolbox allows you to create your own scan policy. Here you can define what type of checks have to be included / excluded, and which credentials should be included (SMB / SSH / FTP / Mail etc). 13/28 Outpost24 User interface screenshots Q1 2017

SCAN STATUS It is possible to stop, pause and resume current or scheduled scans individually or in bulk. Export: Right click to bring up the export menu SCAN HISTORY The tool provides an overview of scans performed. If a user has experienced problems with his computer at a certain point, you can check if the computer was being scanned, which might have caused the problems. If it wasn t being scanned at that time, it might be something worth looking into more. Scan logs can be filtered by any criteria, and exported as an HTML or CSV. 14/28 Outpost24 User interface screenshots Q1 2017

AUTOMATING REPORTS Our tool offers extensive report automation features, allowing users to set up report schedules and specify recipients to streamline patching and remediation processes. Sending reports to the right persons can save time. For example, developers focusing on certain vulnerabilities can get an auto generated report scheduled every Monday morning with issues they need to be aware of. CUSTOMIZING REPORTS BASED ON FINDINGS Very flexible search function that allows you to find the information you need to fix vulnerabilities. Searches for certain classes (high, medium, low) of vulnerabilities and products that are causing them can be saved. By saving the current settings as a report template, the user can have the same view at a later state either for comparison or follow up. 15/28 Outpost24 User interface screenshots Q1 2017

Top 10 solutions: Piechart breakdown of of solution fixes Solution: quick overview of what changes needed to solve vulnerabilities Targets: the devices that it will solve problems on CUSTOMIZING REPORTS BASED ON SOLUTIONS The Solutions tab provides a graphical overview of the top 10 solutions for the vulnerabilities listed in the Findings tab. The information presented here helps an organization to quickly identify solutions that will resolve multiple vulnerabilities and thus helps in planning and prioritizing tasks. 16/28 Outpost24 User interface screenshots Q1 2017

CUSTOMIZING REPORTS BASED ON DELTA The delta and the group delta information is very useful in analyzing the changes made, and can be a good guide during allocation of resources for risk remediation. Extract statistics for each quater to know how many vulnerabilities have been added or removed. Click on each color for additional information. Red - added vulnerabilities since last report Blue - removed vulnerabilities Grey - unchanged, not patched vulnerabilities 17/28 Outpost24 User interface screenshots Q1 2017

EXPORTING REPORTS General Reporting Features: Export & Filtering The difference between reports are: Detailed The detailed report is the longest report that can be generated. It has in depth technical information about findings. This report is mostly directed towards system administrators and security consultants in an organization. Summary The summary report is the ideal sized report with report information, executive summary and target summary. This report provides just about the right information required by the IT department of any organization. Management The management level report gives a brief summary of the vulnerabilities and risks reported. It gives a good graphical overview of findings, risks and top solutions. This report is ideal while reporting to higher management. UPDATES Outpost24 solutions can be set to retrieve new vulnerability details on a daily basis. 18/28 Outpost24 User interface screenshots Q1 2017

RECIPIENT DETAILS User can either download the report locally or send it to a specific person. The emails sent can also be encrypted with PGP Keys. ACCESS USER MANAGEMENT Access to the interface and specific results can be set in the User Management section. 19/28 Outpost24 User interface screenshots Q1 2017

CUSTOM ATTRIBUTES SYSTEM OWNER The ability to set system owners for specific devices. The owner of a system can be defined as a custom attribute. This is however not the only field that can be added, datacenter, geographical location, rack location, which department is responsible for the device and so forth are also posibilities. Reports can be created based on any attribute, for example devices located at a certain location or by the system owners. TICKETING SYSTEMS The HIAB and OUTSCAN solutions include an integrated ticketing system. This can be used to track remediation progress, identify any ageing issues and their stakeholders, and share comments regarding a common issue. Tickets can be reassigned to others for a positive and efficient work-flow. 20/28 Outpost24 User interface screenshots Q1 2017

INTERESTED? Visit our website or contact your local sales office for more information ABOUT OUTPOST24 Outpost24 is a leading Vulnerability Management company focused on enabling its customers to achieve maximum value from their evolving technology investments. By delivering insights that reduce vulnerabilities and attack surface for any architecture, Outpost24 customers continuously improve their security posture with low effort. Over 2,000 customers in more than 40 countries around the world trust Outpost24 to inspect their devices, networks, and web applications and report compliance status to government, industry sector, or internal regulations. Founded in 2001, Outpost24 serves leading organisations across a wide range of segments including financial and insurance, government, healthcare, retail, telecommunications, technology, and manufacturing. Outpost24 Headquarters Skeppsbrokajen 8 371 33 Karlskrona Sweden +46 4556 12313

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback