Vulnerability Management Project Using Nessus Essentials
In this project I explore vulnerability discovery, remediation, and verification, three key objectives in the vulnerability management lifecycle. I will also be examining non-credentialed vs. credentialed vulnerability scans.
I am using Nessus Essentials to scan a local VM (virtual machine) on VMware Workstation. The local VM will be running Windows 10. After downloading Windows 10 onto my VM, we are ready to begin.
The goal of a vulnerability scan on this VM will be to discover any security weaknesses and potential points of attack.
Running a Basic Network Scan on the VM yields 17 vulnerabilities. The vulnerabilities shown below are of lower severity, with only one showing as medium. However, these results are only scratching the surface, as they are from a non-credentialed scan. To investigate further, we must perform a credentialed scan.
I will be using this article from Tenable which outlines how to run a scan with a non-default administrator account. Now that I have entered the credentials for the VM’s administrator account, let’s run the scan again.
A credentialed scan will perform a more elaborate search through the host. It will be more thorough in checking the system for vulnerabilities because it has access to an administrator account. The credentialed scan shows 37 vulnerabilities.
The new scan gives us a deeper insight into what threat actors may exploit. It gives us a complete enumeration of software and patches installed on the VM. Next, I will download a deprecated version of Mozilla Firefox to the VM and scan it once again.
As expected, the number of critical and high severity vulnerabilities has increased due to the latest install. A scan’s result may produce hundreds of vulnerabilities. Therefore, a cybersecurity analyst within an organization might focus exclusively on addressing vulnerabilities classified as high or critical severity. By understanding a company’s risk appetite, we can prioritize which vulnerabilities to remediate. I will run updates to the internet browsers to fix the vulnerabilities regarding Mozilla Firefox and Internet Explorer. I will also use this article to address the WinVerifyTrust Signature Validation vulnerability. Finally, I will run one last scan to verify that these vulnerabilities have been addressed.
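The prioritize, remediate and verify steps described above can be checked mechanically by comparing the scan exported before remediation with the one exported after. This is an added example, not part of the original project; it assumes both scans were exported as CSV with the `Plugin ID`, `Risk`, `Host`, `Protocol`, `Port` and `Name` columns, and the sample rows (plugin IDs, host address, finding names) are constructed placeholders.

```python
import csv
import io

# Severities in scope for remediation (the text focuses on high and critical only).
PRIORITY = {"Critical", "High"}

def load_findings(csv_text, risks=PRIORITY):
    """Return {(host, plugin_id, protocol, port): name} for rows whose Risk is in `risks`."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Risk"].strip() in risks:
            key = (row["Host"], row["Plugin ID"], row["Protocol"], row["Port"])
            findings[key] = row["Name"]
    return findings

def verify_remediation(before_csv, after_csv):
    """Classify each in-scope finding by comparing the two scans."""
    before, after = load_findings(before_csv), load_findings(after_csv)
    return {
        "remediated": sorted(before[k] for k in before.keys() - after.keys()),
        "persisting": sorted(after[k] for k in before.keys() & after.keys()),
        "new": sorted(after[k] for k in after.keys() - before.keys()),
    }

# Constructed sample exports: IDs, host and names are placeholders, not real scan output.
BEFORE = """Plugin ID,CVE,Risk,Host,Protocol,Port,Name
900001,,Critical,192.0.2.10,tcp,445,Mozilla Firefox outdated version (constructed)
900002,,High,192.0.2.10,tcp,445,WinVerifyTrust Signature Validation (constructed)
900003,,Medium,192.0.2.10,tcp,445,Medium severity finding (constructed)
900004,,None,192.0.2.10,tcp,0,Informational item (constructed)
"""
AFTER = """Plugin ID,CVE,Risk,Host,Protocol,Port,Name
900002,,High,192.0.2.10,tcp,445,WinVerifyTrust Signature Validation (constructed)
900003,,Medium,192.0.2.10,tcp,445,Medium severity finding (constructed)
900005,,High,192.0.2.10,tcp,445,Newly reported finding (constructed)
"""

if __name__ == "__main__":
    for status, names in verify_remediation(BEFORE, AFTER).items():
        print(f"{status}: {names}")
```

A finding that is absent from the second export only counts as remediated when both scans ran with the same credentials and scan policy; a non-credentialed rescan would drop findings without anything having been fixed.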
Key Considerations
When running a vulnerability scan, it’s important to consider various factors to ensure a comprehensive assessment of system security. Before a vulnerability scan is launched, it is important to define its scope, specifying which systems, networks, or applications will be included in the assessment.
Obtain proper authorization before conducting vulnerability scans to avoid legal and ethical issues. Additionally, coordinate with relevant stakeholders, including IT administrators and system owners, to inform them of the scanning activity.
If possible, use a credentialed vulnerability scan rather than a non-credentialed scan for a better analysis of a system. By carefully considering these factors, we can enhance the effectiveness of vulnerability scans and contribute to a more secure and resilient IT environment.