WEBVTT

1
00:00:00.210 --> 00:00:01.980
In this lesson, we will learn

2
00:00:01.980 --> 00:00:05.220
about vulnerability scanning and reporting.

3
00:00:05.220 --> 00:00:08.790
Vulnerability scanning systematically identifies

4
00:00:08.790 --> 00:00:13.230
and documents security weaknesses in systems and networks.

5
00:00:13.230 --> 00:00:17.520
This allows for timely remediation of any vulnerabilities

6
00:00:17.520 --> 00:00:19.830
or weaknesses that are discovered.

7
00:00:19.830 --> 00:00:23.460
Vulnerability scanning can use automated tools

8
00:00:23.460 --> 00:00:26.610
such as Tenable.io and QualysGuard

9
00:00:26.610 --> 00:00:30.150
to probe systems for known security flaws.

10
00:00:30.150 --> 00:00:32.850
These enterprise vulnerability scanners

11
00:00:32.850 --> 00:00:36.870
can identify outdated software, misconfigurations,

12
00:00:36.870 --> 00:00:41.040
or exposed surfaces. Following the vulnerability scan,

13
00:00:41.040 --> 00:00:43.980
scanning applications can generate a report

14
00:00:43.980 --> 00:00:48.090
that categorizes and prioritizes discovered vulnerabilities

15
00:00:48.090 --> 00:00:49.560
based on severity.

16
00:00:49.560 --> 00:00:53.340
This reporting process organizes the scan results

17
00:00:53.340 --> 00:00:57.570
into actionable insights, often including recommendations

18
00:00:57.570 --> 00:01:01.140
for remediating the identified vulnerabilities.

19
00:01:01.140 --> 00:01:04.740
Vulnerability scanning is a methodical process used

20
00:01:04.740 --> 00:01:08.280
to identify security weaknesses in systems

21
00:01:08.280 --> 00:01:10.110
and enterprise networks.

22
00:01:10.110 --> 00:01:12.240
It is important for organizations

23
00:01:12.240 --> 00:01:14.610
to regularly scan their networks

24
00:01:14.610 --> 00:01:16.710
to detect any vulnerabilities

25
00:01:16.710 --> 00:01:19.080
before attackers can exploit them.

26
00:01:19.080 --> 00:01:21.840
This process is typically automated

27
00:01:21.840 --> 00:01:25.530
using tools like Tenable.io and QualysGuard,

28
00:01:25.530 --> 00:01:28.320
which search for known security flaws.

29
00:01:28.320 --> 00:01:31.020
Network vulnerability scanners like these

30
00:01:31.020 --> 00:01:33.810
help companies stay ahead of potential threats

31
00:01:33.810 --> 00:01:37.650
by scanning for outdated software, misconfigurations,

32
00:01:37.650 --> 00:01:39.780
and other exposed services

33
00:01:39.780 --> 00:01:42.840
that could be targeted by cyber criminals.

34
00:01:42.840 --> 00:01:46.170
To understand how vulnerability scanning works,

35
00:01:46.170 --> 00:01:50.520
let's consider a fictional company called Universal Chauvet

36
00:01:50.520 --> 00:01:52.770
that manages web servers.

37
00:01:52.770 --> 00:01:55.740
The company decides to use Tenable.io

38
00:01:55.740 --> 00:01:57.900
to scan its servers weekly.

39
00:01:57.900 --> 00:02:00.660
Each time Tenable.io runs a scan,

40
00:02:00.660 --> 00:02:03.600
it probes Universal Chauvet's servers

41
00:02:03.600 --> 00:02:05.880
for known security issues.

42
00:02:05.880 --> 00:02:09.660
For example, if the servers are running outdated versions

43
00:02:09.660 --> 00:02:11.310
of web server software

44
00:02:11.310 --> 00:02:13.650
or have a misconfigured setting,

45
00:02:13.650 --> 00:02:16.920
Tenable.io will flag these as vulnerabilities.

46
00:02:16.920 --> 00:02:20.790
But the scanner doesn't just look for surface-level issues.

47
00:02:20.790 --> 00:02:24.300
It dives deep into Universal Chauvet's systems

48
00:02:24.300 --> 00:02:26.070
to identify weaknesses

49
00:02:26.070 --> 00:02:30.360
that could lead to bigger problems if left unresolved.

50
00:02:30.360 --> 00:02:32.040
Once the scan is complete,

51
00:02:32.040 --> 00:02:35.130
Tenable.io generates a detailed report.

52
00:02:35.130 --> 00:02:39.270
This report organizes the vulnerabilities into categories,

53
00:02:39.270 --> 00:02:41.670
helping the IT team understand

54
00:02:41.670 --> 00:02:44.370
what types of risks they are facing.

55
00:02:44.370 --> 00:02:48.240
Each vulnerability is also assigned a severity level

56
00:02:48.240 --> 00:02:50.640
ranging from low to critical.

57
00:02:50.640 --> 00:02:53.970
For example, a low-severity vulnerability

58
00:02:53.970 --> 00:02:56.820
might involve a simple misconfiguration

59
00:02:56.820 --> 00:02:58.890
that could be easily fixed,

60
00:02:58.890 --> 00:03:01.620
while a critical-severity vulnerability

61
00:03:01.620 --> 00:03:05.820
could involve outdated encryption protocols like SSL,

62
00:03:05.820 --> 00:03:07.680
which is Secure Sockets Layer,

63
00:03:07.680 --> 00:03:10.140
or older versions of TLS,

64
00:03:10.140 --> 00:03:14.400
which is Transport Layer Security, such as TLS 1.1,

65
00:03:14.400 --> 00:03:18.720
or TLS 1.0, which are no longer considered secure

66
00:03:18.720 --> 00:03:22.860
and could expose sensitive data to potential interception.

67
00:03:22.860 --> 00:03:25.740
Now, let's say Tenable.io finds

68
00:03:25.740 --> 00:03:28.890
that one of Universal Chauvet's web servers

69
00:03:28.890 --> 00:03:31.800
is using an outdated version of TLS,

70
00:03:31.800 --> 00:03:35.670
a protocol used to secure communication over the internet.

71
00:03:35.670 --> 00:03:37.890
The report generated by the scanner

72
00:03:37.890 --> 00:03:41.340
highlights this vulnerability as a critical issue.

73
00:03:41.340 --> 00:03:44.280
In the report, Tenable.io may recommend

74
00:03:44.280 --> 00:03:47.430
the IT team update the TLS version

75
00:03:47.430 --> 00:03:50.490
to TLS 1.2 or 1.3

76
00:03:50.490 --> 00:03:52.860
to modify the server's configuration

77
00:03:52.860 --> 00:03:55.020
to meet security standards.

78
00:03:55.020 --> 00:03:57.270
This is an important recommendation

79
00:03:57.270 --> 00:04:00.630
because outdated encryption protocols make it easier

80
00:04:00.630 --> 00:04:04.950
for attackers to intercept or alter data being transmitted

81
00:04:04.950 --> 00:04:08.820
between users and Universal Chauvet's servers.

82
00:04:08.820 --> 00:04:13.820
So after reviewing the report, Universal Chauvet's IT team

83
00:04:13.890 --> 00:04:17.610
might update the server's software to the latest version,

84
00:04:17.610 --> 00:04:18.900
ensuring it uses

85
00:04:18.900 --> 00:04:22.110
the most secure encryption methods available.

86
00:04:22.110 --> 00:04:24.930
Then, once the vulnerability is addressed,

87
00:04:24.930 --> 00:04:26.640
they can run another scan

88
00:04:26.640 --> 00:04:29.610
to confirm that the issue has been resolved.

89
00:04:29.610 --> 00:04:32.310
At this point, the scanning tool will show

90
00:04:32.310 --> 00:04:35.190
that the web server is no longer at risk

91
00:04:35.190 --> 00:04:37.620
from this particular vulnerability.

92
00:04:37.620 --> 00:04:41.400
This process of scanning, reporting, and remediation

93
00:04:41.400 --> 00:04:44.220
ensures that Universal Chauvet's systems

94
00:04:44.220 --> 00:04:47.790
stay protected from evolving cyber threats.

95
00:04:47.790 --> 00:04:52.080
Beyond immediate fixes, Universal Chauvet's regular use

96
00:04:52.080 --> 00:04:55.080
of vulnerability scanning also provides

97
00:04:55.080 --> 00:04:59.040
an ongoing view of their security posture.

98
00:04:59.040 --> 00:05:01.110
By conducting weekly scans,

99
00:05:01.110 --> 00:05:03.780
the organization can identify trends

100
00:05:03.780 --> 00:05:05.670
and recurring vulnerabilities,

101
00:05:05.670 --> 00:05:10.140
allowing their IT team to make proactive adjustments.

102
00:05:10.140 --> 00:05:14.490
For example, if misconfigurations are frequently flagged,

103
00:05:14.490 --> 00:05:18.060
the team can refine their configuration processes

104
00:05:18.060 --> 00:05:20.760
to avoid such issues in the future.

105
00:05:20.760 --> 00:05:24.600
This ongoing process of scanning and refinement

106
00:05:24.600 --> 00:05:27.720
helps maintain long-term security.

107
00:05:27.720 --> 00:05:31.350
Another important aspect of vulnerability scanning

108
00:05:31.350 --> 00:05:33.540
is risk prioritization.

109
00:05:33.540 --> 00:05:37.410
Not all vulnerabilities need to be addressed immediately,

110
00:05:37.410 --> 00:05:39.090
and in our scenario,

111
00:05:39.090 --> 00:05:43.710
Tenable.io can help the Universal Chauvet IT team

112
00:05:43.710 --> 00:05:45.360
by ranking vulnerabilities

113
00:05:45.360 --> 00:05:48.810
based on severity and potential impact.

114
00:05:48.810 --> 00:05:52.110
A low-severity issue on an internal system

115
00:05:52.110 --> 00:05:53.580
might be handled later,

116
00:05:53.580 --> 00:05:55.320
while a critical vulnerability

117
00:05:55.320 --> 00:05:59.220
on a public-facing server demands immediate attention.

118
00:05:59.220 --> 00:06:02.700
This prioritization helps Universal Chauvet

119
00:06:02.700 --> 00:06:05.100
efficiently manage its resources

120
00:06:05.100 --> 00:06:07.740
while maintaining strong security.

121
00:06:07.740 --> 00:06:09.720
In addition to identifying

122
00:06:09.720 --> 00:06:12.060
and prioritizing vulnerabilities,

123
00:06:12.060 --> 00:06:14.370
scan reports can also be used

124
00:06:14.370 --> 00:06:18.450
for broader security management and compliance purposes.

125
00:06:18.450 --> 00:06:22.470
For example, Universal Chauvet could use reports

126
00:06:22.470 --> 00:06:24.990
to demonstrate their ongoing efforts

127
00:06:24.990 --> 00:06:27.510
to maintain a secure environment,

128
00:06:27.510 --> 00:06:29.400
which is often a requirement

129
00:06:29.400 --> 00:06:32.070
for regulatory compliance with standards

130
00:06:32.070 --> 00:06:36.330
like the General Data Protection Regulation (GDPR),

131
00:06:36.330 --> 00:06:39.780
or the Payment Card Industry Data Security Standard,

132
00:06:39.780 --> 00:06:43.050
which is known as PCI DSS.

133
00:06:43.050 --> 00:06:47.220
Furthermore, scan reports can be used in risk assessments,

134
00:06:47.220 --> 00:06:49.230
helping leadership understand

135
00:06:49.230 --> 00:06:53.160
the overall security posture of the organization

136
00:06:53.160 --> 00:06:57.510
and make informed decisions about resource allocation.

137
00:06:57.510 --> 00:06:59.550
Also, scan reports can serve

138
00:06:59.550 --> 00:07:03.570
as valuable documentation during security audits,

139
00:07:03.570 --> 00:07:07.200
showing auditors that the company is actively monitoring

140
00:07:07.200 --> 00:07:09.510
and addressing vulnerabilities.

141
00:07:09.510 --> 00:07:12.930
And finally, historical scan reports help track

142
00:07:12.930 --> 00:07:16.050
the effectiveness of past remediation efforts,

143
00:07:16.050 --> 00:07:19.680
providing insights into how well security issues

144
00:07:19.680 --> 00:07:21.990
are being managed over time.

145
00:07:21.990 --> 00:07:25.320
So remember, vulnerability scanning

146
00:07:25.320 --> 00:07:27.720
is a systematic process used

147
00:07:27.720 --> 00:07:31.500
to identify weaknesses in systems and networks

148
00:07:31.500 --> 00:07:34.260
before attackers can exploit them.

149
00:07:34.260 --> 00:07:36.960
It typically uses automated tools

150
00:07:36.960 --> 00:07:41.760
to detect issues like outdated software, misconfigurations,

151
00:07:41.760 --> 00:07:46.410
and exposed services that could pose security risks.

152
00:07:46.410 --> 00:07:48.240
Once the scan is complete,

153
00:07:48.240 --> 00:07:51.180
the scanning software generates a report

154
00:07:51.180 --> 00:07:54.750
that categorizes vulnerabilities by severity,

155
00:07:54.750 --> 00:07:57.300
helping organizations prioritize

156
00:07:57.300 --> 00:07:59.760
which issues to address first.

157
00:07:59.760 --> 00:08:02.040
This process allows companies

158
00:08:02.040 --> 00:08:05.730
to take timely action to fix critical problems

159
00:08:05.730 --> 00:08:09.060
and improve their overall security posture.

160
00:08:09.060 --> 00:08:12.660
Additionally, vulnerability reports can be used

161
00:08:12.660 --> 00:08:14.970
for compliance, risk assessments,

162
00:08:14.970 --> 00:08:16.860
and tracking the effectiveness

163
00:08:16.860 --> 00:08:19.743
of remediation efforts over time.

