Post on 05-Mar-2021
transcript
Integrate Nessus Vulnerability Scanner/SecurityCenter/Professional EventTracker v8.x and above
Publication Date: November 13, 2018
1
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Abstract This guide helps you in configuring Nessus Vulnerability scanner/SecurityCenter/Professional and
EventTracker to receive Nessus events. In this guide, you will find the detailed procedures required for
monitoring Nessus Vulnerability scanner.
Audience Administrators who are assigned the task to monitor and manage Nessus events using EventTracker.
The information contained in this document represents the current view of EventTracker. on the
issues discussed as of the date of publication. Because EventTracker must respond to changing
market conditions, it should not be interpreted to be a commitment on the part of EventTracker,
and EventTracker cannot guarantee the accuracy of any information presented after the date of
publication.
This document is for informational purposes only. EventTracker MAKES NO WARRANTIES,
EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. Without limiting the
rights under copyright, this paper may be freely distributed without permission from
EventTracker, if its content is unaltered, nothing is added to the content and credit to
EventTracker is provided.
EventTracker may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from EventTracker, the furnishing of this document does not give you
any license to these patents, trademarks, copyrights, or other intellectual property.
The example companies, organizations, products, people and events depicted herein are fictitious.
No association with any real company, organization, product, person or event is intended or
should be inferred.
© 2018 EventTracker Security LLC. All rights reserved. The names of actual companies and
products mentioned herein may be the trademarks of their respective owners.
2
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Table of Contents Abstract ............................................................................................................................................................................. 1
Audience ........................................................................................................................................................................... 1
Overview ............................................................................................................................................................................... 3
Prerequisites .......................................................................................................................................................................... 3
1. Integration of Nessus Vulnerability Scanner/SecurityCenter to EventTracker server ................................................. 3
Verify Nessus Vulnerability Scanner Integration in EventTracker ......................................................................................... 5
2. Integration of Nessus Professional to EventTracker server ......................................................................................... 9
Obtaining Nessus Professional credentials ................................................................................................................... 9
Sending Nessus Professional logs to EventTracker. ................................................................................................... 11
Verify Nessus Vulnerability Scanner Integration in EventTracker ....................................................................................... 14
Verify generated credential xml ..................................................................................................................................... 14
Verify Extended DLA configuration ................................................................................................................................. 15
Verify Task is created in Task Scheduler ......................................................................................................................... 16
EventTracker Knowledge Pack ........................................................................................................................................ 16
Categories ................................................................................................................................................................... 16
Flex Reports ................................................................................................................................................................ 18
Import Nessus Vulnerability Scanner knowledge pack into EventTracker .......................................................................... 26
Knowledge Objects ......................................................................................................................................................... 26
Category .......................................................................................................................................................................... 28
Flex Reports .................................................................................................................................................................... 29
Parsing Rule ..................................................................................................................................................................... 30
Verify Nessus Vulnerability Scanner knowledge pack in EventTracker .......................................................................... 32
Knowledge Objects ..................................................................................................................................................... 32
Category ...................................................................................................................................................................... 32
Flex Reports ................................................................................................................................................................ 33
Parsing Rule ................................................................................................................................................................ 34
Create Flex Dashboards in EventTracker ........................................................................................................................ 35
Schedule Reports ............................................................................................................................................................ 35
Create Dashlets ............................................................................................................................................................... 38
Sample Flex Dashboards ................................................................................................................................................. 42
3
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Overview Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures
architecture for easy cross-linking between compliant security tools. Nessus employs the Nessus Attack
Scripting Language (NASL), a simple language that describes individual threats and potential attacks. Nessus
has a modular architecture consisting of centralized servers that conduct scanning, and remote clients that
allow for administrator interaction.
This guide provides procedure only to integrate Nessus scan reports to EventTracker. Additionally, if can
configure EventTracker to alter system vulnerability score according to vulnerability reports.
Prerequisites EventTracker v8.x should be installed.
Nessus Vulnerability Scanner/SecurityCenter version Nessus 6.X series (Nessus 6.0 – Nessus 6.9.3) or
Nessus Professional should be installed.
Windows Version 7 or later should be installed.
Integration script must run on EventTracker Manager.
1. Integration of Nessus Vulnerability
Scanner/SecurityCenter to EventTracker server Following are the steps to integrate Nessus Vulnerability Scanner/SecurityCenter to EventTracker Manager.
Please contact the EventTracker support team for obtaining Nessus Integrator pack.
The Integrator package will be obtained in a Zip file format.
Extract provided file to following location:
<ET_INSTALL_Path>\ScheduledActionScripts\Nessus\
Extracted ZIP file will contain the following files:
Figure 1
4
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Double-click on the Nessus Integrator.bat to start the integration process.
Once clicked the “.bat” starts running and you will get a pop-up window as shown in below image.
Figure 2
In the pop-up window, enter the Nessus URL that you are accessing and your Nessus Username and
Password.
After entering the details, click on OK.
Once clicked on OK, an authentication pop up window will appear asking for the Username and Password
as shown below:
An authentication pop up window will appear asking for administrator username and password for Task
Scheduling as shown below:
Figure 3
Please enter your System Username and Password to proceed with the Task Scheduling.
Click OK to continue.
5
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Verify Nessus Vulnerability Scanner Integration in
EventTracker Login to EventTracker web->Admin->Manager.
Figure 4
Go to the Direct Log Archiver Tab and check if the configurations are replicating as shown in the below
figure.
6
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 5
Confirm if the configurations are set right by clicking the Edit button. The below screen gets displayed
after you click the Edit button.
7
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 6
Click on Configure to check the Computer Name, Configuration name and system description.
8
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 7
Click on Save & Close.
Now,
Go to Start and open Task Scheduler to confirm if the scheduling action is created or not.
Below given image shows the Nessus Task that is created for scheduling.
9
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 8
Check if the Task Scheduler is configured correctly with the right conditions to trigger the task, with the
specified date and time when it needs to be run.
Nessus Integration is now completed with EventTracker to receive Nessus Events.
2. Integration of Nessus Professional to EventTracker
server
Obtaining Nessus Professional credentials
Log in to Nessus professional web console.
10
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 9
Click on Settings Tab and choose My Account option.
Now click on API Keys Tab as shown the below image.
Figure 10
Now click on Generate button.
Access key and Secret Key will be displayed now as shown below:
11
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 11
Please make a note of it as it is required for further integration process.
Sending Nessus Professional logs to EventTracker.
Download and apply the latest KP update from link given KP_Update_Link.
Once downloaded the Nessus integrator package can be found in %ET_INSTALL_PATH%\Knowledge
Packs\Nessus Vulnerability Scanner.
The Integrator package will be obtained in a Zip file format. Extract the files. A folder named
NessusProfessional_Script will be present, and it would contain files as show below.
Extract the files to get the below file contents as shown in the image below:
Figure 12
Double-click on the Nessus_Professional_Integrator.bat to start the integration process.
Once clicked the “.bat” starts running and you will get a pop-up window as shown in below image.
12
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 13
It will check if EventTracker Agent and PowerShell version 5.0 or above is installed on the
computer where the .bat is running. If status shows as installed, click on Next to proceed, else you
will not be able to proceed further.
NOTE: Manual installation of the EventTracker Agent and PowerShell version 5.0 needs to be done if it
is not present.
Once clicked on Next, you will get another pop-up window as shown below.
13
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 14
In the pop-up window that appears, enter the details that are obtained during configuration, as discussed in
the above steps. Once the credentials are entered, click on Finish button as shown in figure above.
Figure 15
14
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Please enter your System Username and Password to proceed with the Task Scheduling.
Click OK to continue.
Verify Nessus Vulnerability Scanner Integration in
EventTracker
Verify generated credential xml
Once the script run is complete, the first thing that would be done is a Details.xml will be created
within
“%ETINSATLL_PATH%\KnowledgePacks\NessusVulnerabilityScanner\Integrator\NessusProfessional_S
cripts” which would contain details entered in the integrator and will be stored in an encrypted
format. Also, a folder Nessus_Reports will be created in the same path as shown below:
Figure 16
Once that is done, within Nessus_Reports folder, a folder by the name Csv_Files and Xml_Files will be
created.
Figure 17
15
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Within the Csv_Files folder you will have all the Nessus report csv files present, xml files within the
Xml_Folder which confirms the integration is a success. This is shown below:
Figure 18
Verify Extended DLA configuration
Log in to EventTracker console.
Go to the Admin dropdown and click on Manager option as shown below.
Figure 19
Navigate to Direct Log Archiver tab.
Make sure if there is DLA configured on XML files as shown in the below image.
16
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 20
Verify Task is created in Task Scheduler
Go to Start and open Task Scheduler to confirm if the scheduling action is created or not.
Below given image shows the Nessus-Scheduler that is created for scheduling.
Figure 21
Nessus Integration is now completed with EventTracker to receive Nessus Events.
EventTracker Knowledge Pack Once logs are received into EventTracker, Categories reports can be configured into EventTracker. The
following Knowledge Packs are available in EventTracker Enterprise to support Windows.
Categories
Nessus-Basic network scan: This category provides details about a basic network scan that is done.
17
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Nessus-Credentialed Patch Audit: This category provides details about the patches that are missing in the
windows and UNIX systems which an attacker can use for exploits.
Nessus-Badlock Detection: This category provides details about all the badlock instances occurring in the
network. Badlock detection can be identified by their CVE. Badlock CVE’s are as follows (CVE-2015-
5370|CVE-2016-2110|CVE-2016-2111|CVE-2016-2112|CVE-2016-2113|CVE-2016-2114|CVE-2016-
2115|CVE-2016-2118|CVE-2016-0128).
Nessus-Bash Shellshock Detection: This category provides details about the vulnerabilities that affect the
bash. These vulnerabilities can be identified by their respective CVE’s. Shellshock CVEs are as follows CVE-
2015-5370 |CVE-2016-2110 |CVE-2016-2111 |CVE-2016-2112 |CVE-2016-2113 |CVE-2016-2114 |CVE-
2016-2115|CVE-2016-2118|CVE-2016-0128).
Nessus-Drown Detection: This category provides details about the drown attacks that take place in a
network, this vulnerability affects the Https services that rely on SSL and TLS. These vulnerabilities can be
identified by their respective CVE’s. Drown CVEs are as follows (CVE-2016-0702|CVE-2016-0705|CVE-
2016-0797|CVE-2016-0798|CVE-2016-0799|CVE-2016-0800).
Nessus-Malware Detection: This category provides details about the vulnerable malware that are present
in the Linux and windows machine.
Nessus-Host Discovery: This category provides the number of alive hosts and active ports on a network.
Nessus-MDM config audit: This category provides the Audit scan result configurations of mobile device
managers.
Nessus-Mobile device scan: This category provides details about the scan results of mobile devices that
are accessed via Microsoft Exchange or MDM.
Nessus-Offline Config audit: This category provides the audit configurations of network devices.
Nessus-Scap and Oval detection: This category provides details on how to generate SCAP and Oval
content audit scan results.
Nessus-Web application test: This category provides details about the scan results for published and
unknown web vulnerabilities.
18
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Flex Reports
1. Nessus-Basic Network Scan: This report provides a full system scan suitable for any host.
Figure 22
Logs Considered:
Figure 23
2. Nessus-Credentialed Patch Audit: This report provides the ways that a host can be authenticated and
enumerates missing patch updates.
Figure 24
19
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Logs Considered:
Figure 25
3. Nessus-Badlock Detection: This report provides the badlock vulnerability for Windows and the Linux/Unix
application Samba for network file sharing.
Figure 26
Logs Considered:
Figure 27
4. Nessus-Host Discovery: This report provides a simple scan to discover live host and open ports.
20
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 28
Logs Considered:
Figure 29
5. Nessus-Malware Detection: This report provides the scan results of malware on windows and Unix
systems.
Figure 30
21
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Logs Considered:
Figure 31
6. Nessus-Bash Shellshock Detection: This report provides the vulnerability that affects Bash, a common
component known as a shell that appears in many versions of Linux and UNIX. It allows the user to type
commands into a simple text-based window, which the operating system will then run.
Figure 32
Logs Considered:
Figure 33
22
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
7. Drown Detection: DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL
and TLS, some of the essential cryptographic protocols for Internet security.
Figure 34
Logs Considered:
Figure 35
8. Nessus-MDM Config Audit: This report provides the Audit scan result configurations of mobile device
managers.
Figure 36
23
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Logs Considered:
Figure 37
9. Nessus-Mobile Device Scan: This report provides scan results of mobile devices that are accessed via
Microsoft Exchange or MDM.
Figure 38
Logs Considered:
Figure 39
24
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
10. Nessus-Offline Config Audit: This report provides the audit configurations of network devices.
Figure 40
Logs Considered:
Figure 41
11. Nessus-Scap and Oval Auditing: This report provides the SCAP and Oval content audit scan results.
25
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 42
Logs Considered:
Figure 43
12. Nessus-Web Application Test: This report provides the scan results for published and unknown web
vulnerabilities.
Figure 44
26
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Logs Considered:
Figure 45
Import Nessus Vulnerability Scanner knowledge pack
into EventTracker NOTE: Import and Export the knowledge pack items in the following sequence:
Knowledge Objects
Categories
Flex Reports
Parsing Rule
Knowledge Objects 1. Login to EventTracker web->Admin.
2. Click Knowledge objects under Admin option.
3. In the Knowledge Object page, click the “Import” icon.
27
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 46
4. Locate the All Nessus Vulnerability Scanner group of Knowledge object.etko, and then click on Upload.
Figure 47
The below screen gets displayed.
28
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 48
Knowledge objects are imported successfully.
Figure 49
Category 1. Go to EventTracker Control Panel.
2. Double click Export Import Utility.
3. Click the Import tab.
4. Click Category option, and then click the browse button.
5. Locate the All Nessus Vulnerability Scanner group of categories.iscat file, and then click Open button.
29
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 50
6. To import categories, click the Import button.
Figure 51
Flex Reports
1. Click Reports option, and then click the browse button.
2. Locate the All Nessus Vulnerability Scanner group of flex reports.issch file, and then click the Open
button.
30
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 52
3. Click the Import button to import the scheduled reports. EventTracker displays success message.
Figure 53
Parsing Rule
1. Click Token Value option, and then click the browse button.
2. Locate the All Nessus Vulnerability Scanner group of Token Value.issch file, and then click the Open
button.
31
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 54
4. Click the Import button to import the tokens. EventTracker displays success message.
Figure 55
32
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Verify Nessus Vulnerability Scanner knowledge pack in
EventTracker
Knowledge Objects
1. In the EventTracker Enterprise web interface, click the Admin dropdown, and then click Knowledge
Objects
2. In the Knowledge Object tree, expand Nessus Vulnerability Scanner group folder to see the imported
Knowledge objects.
Figure 56
Category
1. In the EventTracker Enterprise web interface, click the Admin dropdown, and then click Categories.
2. In the Category Tree, expand Nessus Vulnerability Scanner group folder to see the imported categories
33
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 57
Flex Reports
1. In the EventTracker Enterprise web interface, click the Reports menu, and then select Configuration.
2. In Reports Configuration pane, select Defined option.
3. In search box enter ‘Nessus Vulnerability Scanner, and then click the Search button.
EventTracker displays Flex reports of ‘Nessus Vulnerability Scanner’
34
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 58
Parsing Rule
1. Logon to EventTracker Enterprise web interface.
2. Click the Admin menu, and then click Parsing Rules.
35
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 59
Create Flex Dashboards in EventTracker NOTE: To configure the flex dashboards, schedule and generate the reports. Flex dashboard feature is
available from EventTracker Enterprise v8.0.
Schedule Reports 1. Open EventTracker in browser and logon.
Figure 60
2. Navigate to Reports>Configuration.
3. Select Nessus Vulnerability Scanner in report groups. Check Defined dialog box.
36
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 61
4. Click on ‘schedule’ to plan a report for later execution.
5. Click Next button to proceed.
6. In review page, check Persist data in EventVault Explorer option.
37
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 62
7. In next page, check column names to persist using PERSIST checkboxes beside them. Choose suitable
Retention period.
38
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 63
8. Proceed to next step and click Schedule button.
9. Wait till the reports get generated.
Create Dashlets 1. Open EventTracker Enterprise in browser and logon.
39
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 64
2. Navigate to Dashboard>Flex.
Flex Dashboard pane is shown.
Figure 65
3. Fill suitable title and description and click Save button.
4. Click to configure a new flex dashlet. Widget configuration pane is shown.
40
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 66
5. Locate earlier scheduled report in Data Source dropdown.
6. Select Chart Type from dropdown. 7. Select extent of data to be displayed in Duration dropdown.
8. Select computation type in Value Field Setting dropdown.
9. Select evaluation duration in As Of dropdown. 10. Select comparable values in X Axis with suitable label.
11. Select numeric values in Y Axis with suitable label.
12. Select comparable sequence in Legend.
13. Click Test button to evaluate. Evaluated chart is shown.
41
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Figure 67
14. If satisfied, click Configure button.
Figure 68
15. Click ‘customize’ to locate and choose created dashlet.
16. Click to add dashlet to earlier created dashboard.
42
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
Sample Flex Dashboards For below dashboard DATA SOURCE: Nessus-Basic Network Scan
1. Nessus Vulnerability Scanner - Nessus-Basic Network Scan
WIDGET TITLE: Nessus-Basic Network Scan CHART TYPE: Line AXIS LABELS [X-AXIS]: CVE LEGEND[SERIES]: Host
Figure 69
43
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Credentialed Patch Audit
2. Nessus Vulnerability Scanner - Nessus-Credentialed Patch Audit
WIDGET TITLE: Nessus-Credentialed Patch Audit CHART TYPE: Donut AXIS LABELS [X-AXIS]: Description
Figure 70
44
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Badlock Detection
3. Nessus Vulnerability Scanner - Nessus-Badlock Detection
WIDGET TITLE: Nessus-Badlock Detection CHART TYPE: Donut AXIS LABELS [X-AXIS]: CVE
Figure 71
45
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Host Discovery
4. Nessus Vulnerability Scanner - Nessus-Host Discovery
WIDGET TITLE: Nessus-Host Discovery CHART TYPE: Stacked Column AXIS LABELS [X-AXIS]: IP Address LEGEND[SERIES]: Message
Figure 72
46
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Malware Detection
5. Nessus Vulnerability Scanner - Nessus-Malware Detection
WIDGET TITLE: Nessus-Malware Detection CHART TYPE: Donut AXIS LABELS [X-AXIS]: Message
Figure 73
47
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Bash Shellshock Detection
6. Nessus Vulnerability Scanner - Nessus-Bash Shellshock Detection
WIDGET TITLE: Nessus-Bash Shellshock Detection CHART TYPE: Donut AXIS LABELS [X-AXIS]: CVE
Figure 74
48
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Nessus-Drown Detection
7. Nessus Vulnerability Scanner - Nessus- Drown Detection
WIDGET TITLE: Nessus- Drown Detection CHART TYPE: Donut AXIS LABELS [X-AXIS]: CVE LEGEND[SERIES]: Risk
Figure 75
49
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: MDM Config Audit
8. Nessus Vulnerability Scanner - Nessus- MDM Config Audit
WIDGET TITLE: Nessus- MDM Config Audit CHART TYPE: Donut AXIS LABELS [X-AXIS]: Message
Figure 76
50
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Mobile Device Scan
9. Nessus Vulnerability Scanner - Nessus- Mobile Device Scan
WIDGET TITLE: Nessus- Mobile Device Scan CHART TYPE: Donut AXIS LABELS [X-AXIS]: Message
Figure 77
51
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Offline Config Audit
10. Nessus Vulnerability Scanner - Nessus- Offline Config Audit
WIDGET TITLE: Nessus- Offline Config audit CHART TYPE: Donut AXIS LABELS [X-AXIS]: Message
Figure 78
52
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Scap and Oval Auditing
11. Nessus Vulnerability Scanner - Nessus- Scap and Oval Auditing
WIDGET TITLE: Nessus- Scap and Oval Auditing CHART TYPE: Donut AXIS LABELS [X-AXIS]: Mac Address LEGEND[SERIES]: Severity
Figure 79
53
Integrate Nessus Vulnerability
Scanner/SecurityCenter/Professional
EventTracker v8.6 and above [Subtitle]
For below dashboard DATA SOURCE: Web Application Test
12. Nessus Vulnerability Scanner - Nessus- Web Application Test
WIDGET TITLE: Nessus- Web Application Test CHART TYPE: Donut AXIS LABELS [X-AXIS]: Message
Figure 80