Performing a Basic Vulnerability Scan
A strong vulnerability management program is one of the cornerstones of effective cybersecurity. This does not eliminate all weaknesses from the equation, but allows professionals to identify, prioritize and remediate them before the bad guys take advantage of them. Today we will focus on the first step: identification.
To identify possible vulnerabilities in an IT system, security professionals first identify any regulatory requirements that shape how organizations process, transmit and store different types of data. For instance, all federal agencies and organizations that operate on behalf of the government are subject to the Federal Information Security Management Act (FISMA), which identifies a set of security controls that must be in place. Organizations implement their own policies if they are not subject to regulatory acts, or in addition to these acts.
Scan targets also need to be identified before the scan can begin. In my example, I am using a vulnerability scanning tool called Nessus to identify some hosts/servers on my virtual network. Nessus is one of the leading vulnerability management tools and can be used for free with some limitations.
Nessus picked up 6 devices — 3 Linux VMs, 2 Windows Server VMs, and a Windows 10 VM. Next, it was time to choose a template. Nessus comes with several different scan templates that are pre-configured for a variety of environments. For my purposes, I chose the Basic Scan template
I kept the options set to their default settings and waited for a few minutes while Nessus did its magic…and boom!
Nessus found 86 vulnerabilities across my network and it probably would’ve picked up more if I had provided admin access to my Windows machines. The picture above shows the different vulnerabilities found on my Open Web Application Security Project® (OWASP) webserver. This server comes with vulnerabilities built in to demonstrate the importance of securing web applications. Clicking on each vulnerability navigates to a page explaining how the vulnerability can be remediated in more detail.
That is it for now! Next time we will go into how the rest of the remediation process works!