by David Schwalenberg
February 10, 2015
Vulnerable web browsers can pose a great security risk to the network. This dashboard displays actively and passively detected vulnerability information for the major web browsers: Chrome, Firefox, Internet Explorer, Safari, and Opera. An analyst can use this information to determine the browser vulnerabilities that need to be patched and also if any browsers are being used in unauthorized places.
Since web browsers interact through the Internet with the outside world, they are often targeted by outside attackers. The use of unauthorized and vulnerable web browsers may allow the network to be compromised. The information in this dashboard can assist the organization as it seeks to reduce its chances of network compromise by eliminating unauthorized web browsers (e.g., from critical servers and point-of-sale systems) and by patching browser vulnerabilities.
For each browser, a matrix displays warning indicators for detected vulnerabilities. On the top row, the "All Vulnerabilities" indicator turns purple if any vulnerabilities at any severity level related to the browser are detected. This will indicate whether the browser is being used on the network and the vulnerabilities present. Informational detections are included, such as detections of Java enabled in the browser. The "Critical Vulns" indicator turns red if any Critical severity vulnerabilities are detected and the "Exploitable Vulns" indicator turns purple if any vulnerabilities that are known to be exploitable are detected. These critical and exploitable vulnerabilities are the highest priority to remediate. The next two rows contain indicators for vulnerabilities in certain products used in conjunction with web browsers, such as Adobe, Flash, and Java. The indicators turn purple if any vulnerabilities at any severity level (including Informational) are detected. This will indicate whether these products are being used and the vulnerabilities present. The remaining rows contain indicators based on keywords present in detected vulnerabilities related to the browser. Here, vulnerabilities at all severity levels except Informational are included. The keywords cover the major web browser threats, such as memory corruption, information disclosure, remote code execution, buffer overflows, cross-site scripting (XSS), and more. A purple indicator means that one or more vulnerabilities contain the keyword. Indicators can be removed or new indicators added as desired. Clicking on a highlighted indicator will bring up the vulnerability analysis screen to display details on the vulnerabilities. In the vulnerability analysis screen, setting the tool to IP Summary will display the systems on which the vulnerabilities are present.
The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Threat Detection & Vulnerability Assessments.
The dashboard requirements are:
- Tenable.sc 4.8.1
- Nessus 8.6.0
- NNM 5.9.0
- LCE 4.4.1
Tenable's Tenable.sc Continuous View (CV) is the market-defining continuous network monitoring platform. Tenable.sc CV includes active vulnerability detection with Nessus and passive vulnerability detection with Tenable's Nessus Network Monitor (NNM), as well as log correlation with Tenable's Log Correlation Engine (LCE). Using Tenable.sc CV, an organization will obtain the most comprehensive and integrated view of its network.
Listed below are the included components:
- Browser Vulnerabilities - Chrome - This matrix displays warning indicators for vulnerabilities actively and passively detected on the network related to the Google Chrome web browser.
- Browser Vulnerabilities - Firefox - This matrix displays warning indicators for vulnerabilities actively and passively detected on the network related to the Mozilla Firefox web browser.
- Browser Vulnerabilities - Internet Explorer - This matrix displays warning indicators for vulnerabilities actively and passively detected on the network related to the Microsoft Internet Explorer web browser.
- Browser Vulnerabilities - Safari - This matrix displays warning indicators for vulnerabilities actively and passively detected on the network related to the Apple Safari web browser.
- Browser Vulnerabilities - Opera - This matrix displays warning indicators for vulnerabilities actively and passively detected on the network related to the Opera web browser.
- Browser Vulnerabilities - Summary by Browser - This matrix displays summary information by major web browser for vulnerabilities actively and passively detected on the network. (Rows for additional web browsers can be added as desired.) The total count of vulnerabilities is displayed, indicating whether the browser is being used on the network and the vulnerabilities present. The count of vulnerable systems and the percentages of those systems with critical and exploitable vulnerabilities are also displayed. These critical and exploitable vulnerabilities are the highest priority to remediate. Clicking on an indicator will bring up the vulnerability analysis screen to display details on the vulnerabilities. In the vulnerability analysis screen, setting the tool to IP Summary will display the systems on which the vulnerabilities are present.
- Browser Vulnerabilities - Summary by Keyword - This matrix displays summary information by keyword for vulnerabilities actively and passively detected on the network. (Rows for additional keywords can be added as desired.) The total count of vulnerabilities containing the keyword is displayed, along with the count of vulnerable systems and the percentages of those systems with critical and exploitable vulnerabilities. These critical and exploitable vulnerabilities are the highest priority to remediate. Clicking on an indicator will bring up the vulnerability analysis screen to display details on the vulnerabilities. In the vulnerability analysis screen, setting the tool to IP Summary will display the systems on which the vulnerabilities are present.