by Cody Dumont
September 28, 2016
In today’s ever-evolving technology market, companies are merging and gaining the benefits of acquisition, but also taking on new risks due to acquisition. In April 2016, Dell and EMC announced their merger, which now combines several well-known companies. As Dell and EMC change their corporate business models and processes to work in the new environment as Dell Technologies, organizations should ask the question, “How does this merger impact risk to our organization?” This dashboard uses CPE filters to identify vulnerabilities related to software and hardware related to Dell Technologies.
The products from Dell Technologies are often found in enterprise environments. Dell Technologies provides products and services that cover technologies such as desktops and servers, cloud based application services, virtualization, and many other valuable services. However, with each of these products, there are new vulnerabilities still being found and detected with Tenable Nessus. Organizations with these products need an easy and efficient way to monitor vulnerabilities from Dell Technologies.
The dashboard uses the Common Platform Enumeration (CPE) filter to identify many of the software programs used in application development. According to NIST, the CPE is a structured naming scheme for information technology systems, software, and packages. Based upon the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a method for checking names against a system, and a description format for binding text and tests to a name. Tenable assigns CPEs to plugins where appropriate. This allowing for analysts to search for common CPE prefixes such as [cpe:/o:dell:idrac6_firmware, cpe:/h:sonicwall, cpe:/h:rsa:secured, cpe:/a:emc:networker]. Associating CPE strings with vulnerabilities allow the analysts a greater view into separating operating system vulnerabilities from application vulnerabilities, and adds to the level of a vulnerability detail provided to the organization.
There are seven companies that are covered by this dashboard. Each company uses the CPE for the respective company to find vulnerability information. More information can be found at each company below:
- Dell is a manufacturer of computer and server hardware. Dell has many other products related to information technology and is known to be a well-recognized company the market place.
- Dell EMC is best known for data storage, analytics, cloud computing and other products and services that enable businesses to store, manage, protect, and analyze data.
- Pivotal is known for its cloud development platforms and methodologies.
- Quest Intrust enables organizations to collect, store, search and analyze massive amounts of IT data from numerous data sources, systems and devices.
- RSA is an information security best known for SecurID two-factor authentication, Archer GRC, and many other security products.
- Sonicwall is known for their firewall appliance and other security related products.
- VMWare is known for server virtualization and supporting technologies.
The dashboard and its components are available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The dashboard requirements are:
- SecurityCenter 5.3.0
- Nessus 6.8.1
Tenable SecurityCenter provides extensive network monitoring by leveraging a unique combination of detection, reporting, and pattern recognition utilizing industry recognized algorithms and models. SecurityCenter is continuously updated to detect advanced threats and vulnerabilities. Tenable constantly analyzes information from our unique sensors, delivering continuous visibility and critical context and enabling decisive action that transforms the security program from reactive to proactive. Continuous vulnerability analysis enables security teams to more effectively tailor remediation efforts. Monitoring the network to ensure that all systems are secured against vulnerabilities is essential to ongoing security efforts. Tenable’s extensive network monitoring capabilities can verify that systems are successfully scanned regularly and secured against vulnerabilities, enabling ongoing improvements to an organization’s security posture.
Components
Dell Technologies Summary - Vulnerability Summary: This component displays seven companies that make up Dell Technologies by row, and enumerates any detected vulnerabilities across the columns. The counts of vulnerabilities and impacted systems are provided, along with percentages of systems with vulnerabilities and exploitable systems. The percentage bars are color-coded based on the percentage of systems that meet the specified filters. The bar turns green when the 0-24% of the filter requirements is met, and yellow when 25-49% of systems meet the filter requirement, orange when 50-74% of systems do, and red when more than 75% of systems do. Security teams can use this component to identify high-risk Dell Technologies software and the potentially impacted systems.
Dell Technologies Summary – Vulnerability Status At a Glance: This matrix displays the counts of vulnerabilities related to Dell Technologies software by severity and discovery date. The number of critical, high, and medium vulnerabilities is displayed across three columns, as well as the number of days they have been detected. Represented are known vulnerabilities that have existed for: Over 30 Days, the Last 30 Days, or the Last 7 Days.
Dell Technologies Summary - Vulnerability Trend Last 90 Days: This trend chart depicts the detection of vulnerabilities related to the companies that comprise Dell Technologies over the last 90 days. Each line is filtered for medium, high, and critical severity vulnerabilities related to a different Dell Technology company. The data points are calculated every 3 days to provide the most accurate trend of vulnerabilities detected over time. Security teams can use this line chart to track the presence of various types of vulnerabilities in Dell Technologies software over time.
Dell Technologies Summary – Critical Vulnerabilities At a Glance: This table lists the critical vulnerabilities related to the companies that comprise Dell Technologies. Relevant vulnerabilities with a critical severity level are shown to focus on the vulnerabilities that present the highest level of risk to the organization. For each vulnerability, the plugin name, family, severity, and total count are listed. Security teams can use this component to identify and remediate the highest risk vulnerabilities in Dell Technologies software.