science and technology SpotOn London Is Now Free To Attend! Join us on the 14th & 15th November By www.nature.com Published On :: Fri, 07 Nov 2014 14:59:42 +0000 We are thrilled to announce that we have decided to make tickets to this year’s Full Article Featured SpotOn London (#SoLo) #solo14
science and technology SpotOn London 2014: Early career researchers And Twitter By www.nature.com Published On :: Sat, 15 Nov 2014 10:00:00 +0000 Full Article
science and technology SpotOn London 2014: The Tools within us By www.nature.com Published On :: Sat, 15 Nov 2014 11:00:00 +0000 Full Article
science and technology SpotOn London 2014: Science hacking By www.nature.com Published On :: Sat, 15 Nov 2014 13:30:00 +0000 Full Article
science and technology SpotOn London 2014: Public Involvement, engagement and participation in research By www.nature.com Published On :: Sat, 15 Nov 2014 13:30:00 +0000 Full Article
science and technology SpotOn London 2014: Wrap Up Science Blogging networks By www.nature.com Published On :: Sat, 15 Nov 2014 15:30:00 +0000 Full Article
science and technology SpotOn is taking a break in 2015 By www.nature.com Published On :: Tue, 03 Nov 2015 10:43:05 +0000 After several successful years of bringing science communicators together in London and New York, the Full Article Featured Outreach SpotOn London (#SoLo) SpotOn NYC (#SoNYC)
science and technology ContiLeaks Vulnerabilities By www.tenable.com Published On :: Thu, 24 Mar 2022 07:00:00 -0400

A security researcher posted private chat messages between members of the Conti ransomware group, providing valuable insight into which vulnerabilities the group and its affiliates leverage in their attacks. The Conti ransomware group has reportedly earned $180 million by leasing its Ransomware-as-a-Service (RaaS) model to cripple the infrastructure of vulnerable organizations. Tenable has published a variety of content to assist customers in identifying the vulnerabilities leveraged by the Conti ransomware group and its affiliates.

Conti and its affiliates have had a particularly devastating impact on healthcare services, including at least 16 U.S. health and emergency networks. Conti attacked Ireland’s Health Service Executive (HSE), demanding a $20 million ransom, which the HSE refused to pay, opting instead to shut down IT services for mitigation efforts. Tenable’s 2021 Threat Landscape Retrospective report found that 24.7% of healthcare data breaches were the result of ransomware attacks, and that ransomware was responsible for 38% of all breaches last year.

The leaked data reveals that Conti and its affiliates have been exploiting a number of vulnerabilities. There are also reports that Conti and its affiliates have targeted vulnerabilities in Fortinet FortiOS, the operating system of Fortinet’s SSL VPN appliances, to gain initial access to target environments. Organizations are also often breached through legacy vulnerabilities in the IT infrastructure of small companies they have recently acquired. The analysis of the ContiLeaks data identifies the vulnerabilities that are being actively exploited, enabling security managers to prioritize mitigation.
The Security Response Team (SRT) of Tenable Research has analyzed the ContiLeaks data to ensure customers are fully informed of their exposure to Conti RaaS attacks. The SRT also provides breakdowns of the latest vulnerabilities on the Tenable Blog. Tenable Research has released over 165,000 plugins and leads the industry in CVE coverage. The SRT continuously works to help organizations prioritize and create remediation plans for new threats, which often leave very little time for reflection.

This report contains the following chapters:
Executive Summary Chapter - Contains information from the ContiLeaks Dashboard, which uses the CVE and Plugin Family filters to display counts of the vulnerabilities and assets affected by the ContiLeaks CVEs.
Linux Chapter - Contains charts and tables that group together ContiLeaks-related CVEs for all Linux operating systems and includes an IP Detail for the hosts identified.
Windows Chapter - Contains charts and tables that group together ContiLeaks-related CVEs for all Windows operating systems and includes an IP Detail for the hosts identified.
Other Chapter - Contains charts and tables that group together ContiLeaks-related CVEs for all "Other" operating systems and includes an IP Detail for the hosts identified.
Full Article
science and technology Mitigation Summary Report By www.tenable.com Published On :: Tue, 24 May 2022 08:00:00 -0400

Identifying both the current vulnerabilities and the vulnerabilities that have been mitigated gives IT managers an accurate picture of the health of their organization's network. Tenable.sc Continuous View has the ability to track mitigated vulnerabilities, enabling management to track and measure progress. This report provides technical managers with a clear method to communicate progress to executive management. Throughout the report there is a continued comparison of mitigated vulnerabilities to unmitigated vulnerabilities. The first chapter provides a 3-month trend of vulnerabilities and other related charts focusing on vulnerability counts per subnet. The second chapter provides a series of matrices with an in-depth look at vulnerabilities by severity, by CVSS score, by CVE identifier, and by Nessus and Nessus Network Manager (NNM) plugin groupings.

The report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable.sc Feed under the category Executive.

The report requirements are:
Tenable.sc 5.0.1
Nessus 8.5.1
LCE 6.0.0
NNM 5.9.0

Tenable provides continuous network monitoring to identify vulnerabilities, reduce risk, and ensure compliance. Tenable.sc Continuous View (CV) provides the ability to report on both current and mitigated vulnerabilities. With more supported technologies than any other vendor, including operating systems, network devices, hypervisors, databases, tablets, phones, web servers, and critical infrastructure, Tenable.sc CV scales to meet future vulnerability management demands for virtualized systems, cloud services, and the proliferation of devices.
Chapters
Executive Summary - This chapter provides executives with a high-level understanding of vulnerability history and of which network segments are at the most risk. The first component is a 3-month trend of vulnerabilities, followed by two bar charts. The bar charts provide a side-by-side comparison of vulnerability mitigation by subnet: the vulnerabilities that have been mitigated are in the top bar chart and current vulnerabilities are shown in the following chart.
Vulnerability Summaries - This chapter provides a series of matrices showing the relationship between mitigated and unmitigated vulnerabilities. The matrices are created using different criteria; the components provide an analysis by CVSS score, by CVE, and by operating system.
Full Article
science and technology Establishing a Software Inventory By www.tenable.com Published On :: Fri, 27 May 2022 09:00:00 -0400

In the event of a security breach, a software inventory is essential to determine what was breached and who needs to be notified. First responders require a software inventory to perform forensic analysis and determine breach notification requirements for vendors, business partners, and regulatory bodies. Organizations that have a clear understanding of the software in their environment can quickly assess breach impact and identify affected areas. If legal proceedings are involved, an organized software inventory greatly assists in limiting the data handed over to law enforcement and assists technical staff in depositions or testimony. Business Continuity and Disaster Recovery plans specify requirements for restoration of critical assets and services, but these assets need to be identified first in order to establish a Recovery Time Objective (the amount of time to recover a service to an acceptable level of operation) and a Recovery Point Objective (the last point of known good data).

Developing and maintaining a software inventory is a critical first step in implementing an effective cyber security program. A software inventory helps demonstrate compliance with regulatory controls and Service Level Agreements (SLAs) for software used in the environment. From the perspective of “less is more,” a software inventory also identifies unnecessary software running in the environment, which increases the attack surface without providing a business advantage. Security operations teams perform scans to identify operating system and application versions, including unsupported software and unpatched systems. This information is used to establish a secure baseline and measure drift from that baseline. A software inventory is necessary to determine whether software is authorized, appropriately licensed, supported, and has the most recent security fixes applied.
Identifying the authorized software assets is an important step in ensuring critical assets are protected. The larger the organization, the more difficult the inventory process becomes. Tenable.io and Tenable.sc help organizations build a software inventory. Several software discovery plugins run by default in the following scan templates:
Basic and Advanced Agent Scans
Advanced (Network) Scan
Basic (Network) Scan
Credentialed Patch Audit
Internal PCI Network Scan

Maintaining a software inventory aids in cyber hygiene and minimizes unauthorized software installation. Many organizations undergo an annual audit by an external third party, in which they are required to enumerate the authorized software running in the environment. Organizations that maintain a current software inventory throughout the year can produce the information required by auditors and vendors with minimal effort.

The report and its chapters are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable.sc Feed under the category Discovery and Detection.

The report requirements are:
Tenable.sc 5.19.1
Nessus 10.0.1

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.io discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture.

Chapters
Executive Summary - This chapter presents data for detected operating systems, browsers, unsupported software, and other software installations on systems within a network.
Installed Software Iteration - This chapter displays software detected across the organization's systems. Software enumeration is used to detect installed software.
Issues Gating Remediation - This chapter displays known/identified roadblocks to completing remediation efforts.
Full Article
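The software discovery plugins listed above write their findings into the scan results; what a practitioner then needs is a way to turn those results into the per-host inventory the text describes and to answer the breach-response question "which hosts run package X, and at which version". The Python below is an added example, not Tenable's code. The XML is a constructed sample of a Nessus v2 (.nessus) export; the plugin IDs 22869 and 20811 and their output formats are assumptions modelled on Tenable's SSH and Windows software enumeration plugins, and 900001 is a placeholder ID for an unsupported-version detection plugin.

```python
"""Build a per-host software inventory from a Nessus v2 (.nessus) export.

Added example, not Tenable code.  SAMPLE_NESSUS is constructed data.
Assumptions (not verified against the real plugins):
  - pluginID 22869 ("Software Enumeration (SSH)") emits dpkg-style lines
        "ii  <name>  <version>  <arch>  <description>"
  - pluginID 20811 ("Microsoft Windows Installed Software Enumeration") emits
        "<name>  [version <ver>]  [installed on <date>]"
  - a plugin whose name contains "Unsupported" flags end-of-life software
"""
import re
import xml.etree.ElementTree as ET

SAMPLE_NESSUS = """<NessusClientData_v2>
 <Report name="software-inventory">
  <ReportHost name="10.0.0.5">
   <HostProperties><tag name="operating-system">Linux Kernel 4.15 on Ubuntu 18.04</tag></HostProperties>
   <ReportItem pluginID="22869" pluginName="Software Enumeration (SSH)" severity="0">
    <plugin_output>Here is the list of packages installed on the remote host :

ii  openssl      1.1.1-1ubuntu2.1  amd64  Secure Sockets Layer toolkit
ii  nginx        1.14.0-0ubuntu1   amd64  small, powerful, scalable web/proxy server
ii  python3      3.6.7-1~18.04     amd64  interactive high-level object-oriented language
</plugin_output>
   </ReportItem>
   <ReportItem pluginID="900001" pluginName="Ubuntu 18.04 LTS : Unsupported Version Detection" severity="4">
    <plugin_output>Ubuntu 18.04 support ended on 2023-05-31.</plugin_output>
   </ReportItem>
  </ReportHost>
  <ReportHost name="10.0.0.9">
   <HostProperties><tag name="operating-system">Microsoft Windows Server 2019</tag></HostProperties>
   <ReportItem pluginID="20811" pluginName="Microsoft Windows Installed Software Enumeration (credentialed check)" severity="0">
    <plugin_output>The following software are installed on the remote host :

7-Zip 19.00 (x64 edition)  [version 19.00.00.0]  [installed on 2021/03/02]
Google Chrome  [version 116.0.5845.97]  [installed on 2023/08/20]
</plugin_output>
   </ReportItem>
  </ReportHost>
 </Report>
</NessusClientData_v2>
"""

DPKG_LINE = re.compile(r"^ii\s+(\S+)\s+(\S+)\s+\S+\s+.*$")
WIN_LINE = re.compile(r"^(.+?)\s+\[version ([^\]]+)\]")


def _parse_dpkg(output):
    # Only "ii" (installed) rows carry package data; headers are skipped.
    return [(m.group(1), m.group(2)) for line in output.splitlines()
            if (m := DPKG_LINE.match(line.strip()))]


def _parse_windows(output):
    # Name is everything before the first "[version ...]" bracket.
    return [(m.group(1).strip(), m.group(2)) for line in output.splitlines()
            if (m := WIN_LINE.match(line.strip()))]


PARSERS = {"22869": _parse_dpkg, "20811": _parse_windows}


def parse_nessus(xml_text):
    """Return {host: {"os": str, "software": [(name, version)], "unsupported": [plugin names]}}."""
    inventory = {}
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        entry = {"os": None, "software": [], "unsupported": []}
        for tag in host.iter("tag"):
            if tag.get("name") == "operating-system":
                entry["os"] = tag.text
        for item in host.iter("ReportItem"):
            pid = item.get("pluginID")
            name = item.get("pluginName", "")
            output = item.findtext("plugin_output") or ""
            if pid in PARSERS:
                entry["software"].extend(PARSERS[pid](output))
            if "unsupported" in name.lower():
                entry["unsupported"].append(name)
        inventory[host.get("name")] = entry
    return inventory


def hosts_running(inventory, package):
    """Case-insensitive substring match: which hosts run <package>, and which version."""
    needle = package.lower()
    return {host: ver for host, entry in inventory.items()
            for name, ver in entry["software"] if needle in name.lower()}


if __name__ == "__main__":
    inv = parse_nessus(SAMPLE_NESSUS)
    for host, entry in inv.items():
        print(host, entry["os"], len(entry["software"]), "packages", entry["unsupported"])
    print("openssl:", hosts_running(inv, "openssl"))
```

Parsing is keyed on plugin ID rather than on plugin name so that a renamed plugin does not silently drop a host's packages; conversely, unsupported-software detection keys on the name because those plugins are one per product and their IDs are not stable across platforms. A real export will contain many more output formats (rpm, pkg, Homebrew), each needing its own parser in PARSERS.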
science and technology Ransomware Ecosystem By www.tenable.com Published On :: Wed, 22 Jun 2022 09:00:00 -0400

Ransomware has evolved into an ecosystem with multiple players and an expanded threat model. Ransomware groups now deploy a double extortion technique, where they both encrypt and exfiltrate their victims’ data. The Tenable Security Research Team has released a report that enumerates common vulnerabilities exploited by ransomware affiliates and groups. The Ransomware Ecosystem report enables organizations to quickly scan for the vulnerabilities commonly exploited by ransomware groups.

Organizations with effective Business Continuity and Disaster Recovery plans are protected against threats to the availability of data, which can come in many forms, such as natural disasters, hardware failures, or malicious attacks. These organizations could recover operations from a traditional ransomware attack without paying the ransom. However, the vulnerabilities that gave ransomware groups the opportunity to penetrate the infrastructure may still leave organizations open to significant risk. Like any good business, ransomware players discovered the advantage of threatening data confidentiality: publishing samples of their targets’ sensitive data and threatening to expose all of it unless they are paid. Threat actors understand the economic advantage of investing in the ransomware ecosystem, becoming more sophisticated and efficient over time. Organizations, meanwhile, often struggle to secure a budget for the resources needed to protect their infrastructure and prevent attacks from succeeding.

The Ransomware Ecosystem report displays assets by plugin family along with associated vulnerabilities. Operations teams use this information to evaluate risk based on the organization’s business priorities. The ability to rapidly mitigate vulnerabilities requires data to be presented in a concise manner focused on the findings that pose the greatest risk to the organization.
Risk managers leverage risk-based vulnerability management platforms to prioritize mitigation efforts. This report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The report can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessments.

The report requirements are:
Tenable.sc 5.18.0
Nessus 8.14.0

Tenable.sc enables organizations to quickly identify and locate vulnerabilities in their infrastructure. This report displays the most common vulnerabilities exploited by ransomware groups, sorted by platform type. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives.

Chapters
Executive Summary Chapter – Contains information from the Ransomware Ecosystem Dashboard, which uses the CVE and Plugin Family filters to display counts of the vulnerabilities and assets affected by ransomware-related CVEs.
Linux Chapter – Contains charts and tables that group together Ransomware Ecosystem-related CVEs for all Linux operating systems and includes an IP Detail for the hosts identified.
Windows Chapter – Contains charts and tables that group together Ransomware Ecosystem-related CVEs for all Windows operating systems and includes an IP Detail for the hosts identified.
Other Chapter – Contains charts and tables that group together Ransomware Ecosystem-related CVEs for all "Other" operating systems and includes an IP Detail for the hosts identified.
Full Article
science and technology Maintaining Data Protection Controls By www.tenable.com Published On :: Fri, 24 Jun 2022 12:32:58 -0400

Many data protection regulations, such as PCI DSS and HIPAA, levy heavy fines for breaches of sensitive information. Effective data protection controls are necessary to avoid breaches of regulatory, statutory, or contractual obligations related to sensitive data. Organizations that handle sensitive data, such as healthcare and credit card information, are required to audit their data protection controls on an annual basis. Leveraging Tenable reports enables organizations to protect data in accordance with their business risk posture for Confidentiality, Integrity and Availability (CIA). The National Institute of Standards and Technology (NIST) Special Publication 800-53 provides comprehensive guidance for a secure infrastructure, including guidance on data protection and encryption. The information provided in Tenable dashboards and reports enables Risk Managers and Chief Privacy Officers to demonstrate to third parties and regulatory bodies that sensitive data is protected in accordance with Data Loss Prevention requirements.

The NIST Cybersecurity Framework (CSF) is a control framework whose high-level controls align with ISO 27001, NIST SP 800-53, and others. The Cybersecurity Framework’s prioritized, flexible, and cost-effective approach helps to promote the protection and resilience of critical infrastructure and other sectors important to the economy and national security. Many regulating bodies accept documented evidence of compliance with the NIST CSF as assurance that the organization has effective controls in place to meet their security requirements. The HIPAA Security Rule Crosswalk to the NIST Cybersecurity Framework is an example of a regulation aligning with NIST.

The report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets.
The report is located in the Tenable.sc Feed under the category Threat Detection & Vulnerability Assessments.

The report requirements are:
Tenable.sc 5.9.0
Nessus 10.2.0

Leveraging Tenable reports enables operations teams to verify that appropriate protections are in place for data at rest, data in transit, and removable media. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives.

Chapters
Executive Summary – This chapter provides a summary view of the state of protection controls relating to Certificates, Encryption, and Confidentiality of Protected Information.
Data Protection Details – This chapter provides details on the state of protection controls in the environment for Certificates, Encryption, and Confidentiality of Protected Information, which are described below.
Certificates – This section displays findings for hosts with expired certificates, certificates that are expiring soon, untrusted certificates and self-signed certificates. An expired certificate is rejected by well-behaved clients and therefore causes a denial of service; untrusted and self-signed certificates train users and automation to accept unverified identities, which opens the door to man-in-the-middle attacks and other trust-related problems.
SSL/TLS Vulnerability Summary – This section provides an overview of systems and vulnerabilities related to SSL/TLS. The SSL/TLS Vulnerabilities by Type element displays a count of systems and vulnerabilities related to SSLv2 and SSLv3 in the first two rows. From the third row down, information is provided on all systems running any version of TLSv1 and higher.
Encryption – This section provides an overview of systems and vulnerabilities related to SSL/TLS and Encryption/Cryptographic Compliance. Information presented in this section highlights issues such as weak hashing algorithms and keys as well as the use of insecure encryption ciphers. Many of these issues are the result of misconfigurations or the use of outdated encryption methods.
This detailed information also highlights vulnerabilities that can be exploited by attackers. Tenable recommends that security teams review the data to determine the risk to the organization.
Confidentiality of Protected Information – This section provides an overview of systems and vulnerabilities related to Security Requirement 3.13.16 in NIST Special Publication 800-171 Revision 2, which requires protecting the confidentiality of Controlled Unclassified Information (CUI) at rest and maps to security control SC-28 of NIST Special Publication 800-53.
File Content Audit Results – This section displays the File Content Audit Results. The first two rows of the File Content Audit Results Compliance Checks matrix provide the total count of Passed checks, Failed checks, and checks requiring manual review. The first row, ‘Check Count’, provides a count of the current checks per check status. The second row, ‘Check Ratio’, provides a ratio view of check status; the three columns together total 100%. The last two rows provide a system count analysis. The third row, ‘System Count’, provides the number of systems with at least one audit check in the applicable state. The last row, ‘System Ratio’, provides the percentage of systems with at least one audit check in the applicable state; because a single system can appear in more than one column, these percentages do not sum to 100%.
Full Article
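The four rows of the File Content Audit Results matrix have different denominators (checks for the first two, systems for the last two), and the "at least one check in the applicable state" rule means a single system is counted in several columns. The Python below is an added example, not Tenable's code, that computes the matrix from a constructed list of per-host audit check results so the semantics are explicit; the check names and the use of WARNING for the manual-review state are assumptions.

```python
"""Compute the File Content Audit Results compliance matrix from raw check results.

Added example, not Tenable code.  SAMPLE_RESULTS is constructed data: each record is
(host, check_name, status).  Assumption: WARNING is the 'requires manual review' state.
"""
from collections import Counter, defaultdict

STATUSES = ("PASSED", "FAILED", "WARNING")

SAMPLE_RESULTS = [
    ("10.0.0.5",  "PCI DSS: no PAN in web root",        "PASSED"),
    ("10.0.0.5",  "HIPAA: no SSN in log files",         "FAILED"),
    ("10.0.0.5",  "Encrypted volume marker present",    "WARNING"),
    ("10.0.0.9",  "PCI DSS: no PAN in web root",        "PASSED"),
    ("10.0.0.9",  "HIPAA: no SSN in log files",         "PASSED"),
    ("10.0.0.12", "PCI DSS: no PAN in web root",        "FAILED"),
    ("10.0.0.12", "HIPAA: no SSN in log files",         "FAILED"),
]


def audit_matrix(results):
    """Return the four matrix rows, each a {status: value} mapping.

    Check Count / Check Ratio are per check (ratios sum to 100%).
    System Count / System Ratio count a host once per status it has at least one
    check in, so a host with mixed results appears in several columns and the
    System Ratio row can exceed 100%.
    """
    check_count = Counter(status for _, _, status in results)
    total_checks = sum(check_count.values())

    hosts_by_status = defaultdict(set)
    for host, _, status in results:
        hosts_by_status[status].add(host)
    total_hosts = len({host for host, _, _ in results})

    return {
        "Check Count":  {s: check_count[s] for s in STATUSES},
        "Check Ratio":  {s: round(100 * check_count[s] / total_checks, 1) for s in STATUSES},
        "System Count": {s: len(hosts_by_status[s]) for s in STATUSES},
        "System Ratio": {s: round(100 * len(hosts_by_status[s]) / total_hosts, 1) for s in STATUSES},
    }


def hosts_needing_review(results):
    """Triage helper: hosts that have any FAILED or WARNING check, worst status first."""
    worst = {}
    rank = {"FAILED": 2, "WARNING": 1, "PASSED": 0}
    for host, _, status in results:
        if rank[status] > rank.get(worst.get(host, "PASSED"), 0):
            worst[host] = status
    return sorted((h for h, s in worst.items() if s != "PASSED"),
                  key=lambda h: (-rank[worst[h]], h))


if __name__ == "__main__":
    for row, cells in audit_matrix(SAMPLE_RESULTS).items():
        print(f"{row:13s}", "  ".join(f"{s}={cells[s]}" for s in STATUSES))
    print("review:", hosts_needing_review(SAMPLE_RESULTS))
```

With the sample data, 10.0.0.5 has one check in each state and is counted in all three System columns, which is why the System Ratio row totals 166.7% rather than 100%; readers comparing that row with the Check Ratio row should keep the different denominators in mind.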
science and technology Web Services By www.tenable.com Published On :: Mon, 14 Aug 2023 17:38:10 -0400

Web applications often have the ability to interface with system functions and critical databases to add or modify data. By design, web applications need to give customers and users access to this data. This means that attackers are often able to leverage the same forms or other data entry methods to exploit flaws in web frameworks or related software and bypass access controls. Web applications run on remote servers or in cloud environments, and their data is transmitted over public networks, presenting a real attack path within the organization’s overall attack surface. Web application security is therefore a critical aspect of ensuring the confidentiality, integrity, and availability of web applications.

This report provides a combined view of data collected using the Tenable Web App Scanner and Tenable Vulnerability Management using Nessus. Organizations need to know what web services are operating in the environment to ensure these web services are analyzed for currently known vulnerabilities and attacks. Tenable Security Center, along with Tenable Web App Scanning, provides a thorough view of the risks related to web services. Leveraging both scan methods enables the security operations team and application developers to see risks and threat vectors both from application frameworks and from vulnerabilities on the host servers themselves. Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, give risk managers insight into the methods used by adversaries to exploit common flaws and misconfigurations. Tenable Web App Scanner attributes vulnerabilities using the Cross Reference field to link to all published OWASP versions. Upon completion of the web application scan, the vulnerabilities detected and linked to OWASP 2021 provide an industry best-practice approach to mitigating vulnerabilities.
The report and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable Security Center Feed under the category Threat Detection & Vulnerability Assessments.

The requirements for this report are:
Tenable Security Center 6.2.0
Tenable Nessus 10.5.4
Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Chapters
Executive Summary: This chapter provides a high-level view of web-related vulnerabilities collected by Tenable Web App Scanner and Tenable Nessus. Through trending and comparative charts, security managers are able to view the current and past health of web applications and the associated server assets.
SSL Related Vulnerabilities: This chapter provides the development team with information related to SSL, TLS and other encryption-related vulnerabilities. The trending charts and tables enable risk mitigation teams to identify the affected assets and begin the remediation process.
Most Critical OWASP 2021 Vulnerabilities: This chapter combines the OWASP 2021 categories with CVSSv3 categories to identify the top vulnerabilities that need to be mitigated first. A series of tables and charts provide the vulnerability details and affected URL assets.
Web Application Vulnerabilities by Collection Method: This chapter provides a summarized list of all web application vulnerabilities from both Nessus and Tenable Web App Scanner. A series of tables and trend charts helps security operations teams and risk managers track progress and focus efforts as needed.
Full Article
science and technology Tenable Web App Scanning Overview By www.tenable.com Published On :: Mon, 21 Aug 2023 13:28:02 -0400

The prevalence of web applications makes them a prime target for cyber criminals. Failure to secure web applications can lead to serious financial and reputational consequences. This report provides details of the vulnerability data discovered by Tenable Web App Scanning. Tenable Web App Scanning provides comprehensive and accurate vulnerability scanning and risk analysis by mapping findings in vulnerable web application components to the OWASP Top 10 risks. Tenable provides comprehensive and automated vulnerability scanning for modern web applications using Dynamic Application Security Testing (DAST). Security and development teams can run these detailed vulnerability scans of the application at any point in the development lifecycle and are able to understand the true security risks of the web application before deployment.

Tenable Security Center uses a comprehensive list of attributes to increase visibility into web application vulnerabilities. Risk managers are able to focus on the security challenges that pose the greatest threat and most risk by leveraging Common Vulnerability Scoring System (CVSS) scores and OWASP references. The report provides a detailed view of web application component and custom code vulnerabilities. Additionally, vulnerability details related to Log4j are provided, showing any detected applications found to be vulnerable to Log4Shell exploits.

The report and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable Security Center Feed under the category Security Industry Trends.
The requirements for this report are:
Tenable Security Center 6.2.0
Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Chapters
Executive Summary: The Tenable Web App Scanning Overview report provides details of vulnerability data discovered by Tenable Web App Scanning, beginning with a summary, dashboard-style view for the leadership team.
Web Application Vulnerability Statistics: This chapter combines the data collected from Nessus and Tenable Web App Scanner, providing a holistic view of vulnerabilities based on scanning both the physical asset and the web application asset.
OWASP 2021 Vulnerability Summary: Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, give risk managers insight into the methods used by adversaries to exploit common flaws and misconfigurations.
Log4Shell: This chapter provides trending analysis along with vulnerability details related to Log4Shell vulnerabilities detected by both Nessus and Tenable Web App Scanning. Tenable recommends prioritizing these applications immediately for remediation.
Full Article
science and technology WAS Executive Summary By www.tenable.com Published On :: Tue, 22 Aug 2023 14:44:48 -0400

From e-commerce to online banking, the world is interconnected with web applications. The internet provides a contactless way to conduct office meetings, engage with healthcare professionals, shop, attend classes, and more. Protecting data has never been more important. Failure to secure web applications can lead to serious financial and reputational consequences. According to statistics published in Tenable's Threat Landscape Report, web application vulnerabilities continue to pose a significant threat to organizations.

Web application security refers to the practices employed to detect and mitigate threats and vulnerabilities that may compromise the confidentiality, integrity, and availability of web applications. As the internet has become an integral part of how organizations conduct business, web applications have become increasingly popular and essential to meeting business requirements. This growing popularity of web applications and online transactions provides lucrative targets for cybercriminals. The data presented in this report highlights the most vulnerable web applications and the assets at risk of exploitation.

This report leverages data from Tenable Web App Scanning, a comprehensive and automated vulnerability scanning tool for modern web applications. Organizations can perform Dynamic Application Security Testing (DAST) on any application, anywhere, at any point in the application lifecycle. Of specific importance is Tenable Web App Scanning's ability to scan for vulnerabilities in the Open Web Application Security Project (OWASP) Top 10 risk categories and provide comprehensive and accurate vulnerability data. OWASP is a non-profit foundation that provides community-driven consensus insight into web application security concerns.
The OWASP Top 10 list highlights several different aspects of web-based security, such as Cross-Site Scripting attacks, security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable aspects of web applications across the internet. Following these guidelines enables organizations to reduce the risk of organizational and customer data theft. In addition, Common Vulnerabilities and Exposures (CVE) identifiers and other configuration tests provide insight into thousands of related vulnerabilities and misconfigurations. The vulnerability data presented in this report leverages all of the gathered web application vulnerability information to provide organizations with a method to break the vulnerability cycle. The data provided in the report enables organizations to better communicate risk, prioritize patching efforts, and reduce the attack surface.

This report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The report can be easily located in the Tenable.sc Feed under the category Executive.

The report requirements are:
Tenable.sc 6.2.0
Tenable Web App Scanning

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Chapters
New Web Application Vulnerabilities: This chapter provides a view of newly discovered web application vulnerabilities. The elements summarize the first stage of vulnerabilities in the risk life cycle. The Web Application Vulnerabilities by State matrix tracks web application vulnerabilities through each state and gives management information on the progress of risk mitigation efforts.
The following two tables provide the Top 100 web URLs and newly discovered vulnerabilities. The Top 100 Most Vulnerable Web Applications (Last 14 Days) table focuses on the assets according to the URL scanned using the Tenable Web Application Scanner, while the Top 100 WAS Vulnerabilities and Affected Assets (Last 14 Days) table provides more detail, showing each vulnerability and the associated assets.
New OWASP 2021 Vulnerabilities: This chapter provides a view of newly discovered OWASP 2021 vulnerabilities. The OWASP 2021 Categories (Last 14 Days) matrix displays web application vulnerabilities identified using the 2021 OWASP categories. The following two tables provide the Top 100 web URLs and newly discovered vulnerabilities. The OWASP 2021 Top 100 Most Vulnerable Web Applications (Last 14 Days) table focuses on the assets according to the URL scanned using the Tenable Web Application Scanner, while the OWASP 2021 Top 100 WAS Vulnerabilities and Affected Assets (Last 14 Days) table provides more detail, showing each vulnerability and the associated assets.
Full Article
science and technology OWASP Categories By www.tenable.com Published On :: Wed, 23 Aug 2023 12:14:01 -0400

Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP) to help educate developers and security professionals on the latest web application security risks. Tenable has published reports for each OWASP Top 10 version that has been released (2010, 2013, 2017, API 2019, and 2021). The individual reports give organizations the ability to monitor web applications by identifying the ten most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for the OWASP version in use.

The OWASP Top 10 Application Security Risks document outlines several different aspects of web-based security concerns, such as Cross-Site Scripting (XSS) attacks, security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce the risk of organizational and consumer data theft. Administrators need to ensure that their organization is not vulnerable to any of the attacks identified in the OWASP Top 10 Application Security Risks document for the OWASP version currently in use. Compliance-related issues, such as known vulnerable components and insufficient logging, must also be remediated to close gaps in an organization's security that are not directly tied to exploitable attacks. This report covers all aspects of the OWASP Top 10 version in use and provides administrators the tools and information needed to aid their efforts. The report contains 10 chapters, each aligned with one of the ten most critical web application risks (A1-A10).
The information provides guidance to organizations on the actions necessary to mitigate business risk through strong security practices. The report requirement is Tenable Web App Scanning.

Report Templates: The OWASP Top 10 categories are updated every 3 to 4 years and highlight the most critical web application security vulnerabilities. The following report templates are available and contain sections for each of the listed OWASP Top 10 categories.

OWASP Categories 2010 - For 2010, the OWASP Top 10 focuses on Injection, Cross-Site Scripting (XSS), and Broken Authentication in the top three positions.
OWASP Categories 2013 - For 2013, the OWASP Top 10 focuses on Injection, and Broken Authentication and Session Management in the top three positions.
OWASP Categories 2017 - For 2017, the OWASP Top 10 focuses on Injection, Broken Authentication, and Sensitive Data Exposure in the top three positions.
OWASP Categories API 2019 - For 2019, the OWASP API Top 10 focuses on Broken Object Level Authorization, Broken User Authentication, and Excessive Data Exposure in the top three positions.
OWASP Categories 2021 - For 2021, the OWASP Top 10 focuses on Broken Access Control, Cryptographic Failures, and Injection in the top three positions.
AI/LLM Findings Report By www.tenable.com Published On :: Mon, 05 Aug 2024 10:19:31 -0400

In an era of rapidly evolving Artificial Intelligence/Large Language Model (AI/LLM) technologies, cybersecurity practitioners face significant challenges in monitoring unauthorized AI solutions, detecting AI vulnerabilities, and identifying unexpected AI/LLM development. Tenable Security Center leverages advanced detection technologies (agents, passive network monitoring, dynamic application security testing, and distributed scan engines) to surface AI/LLM software, libraries, and browser plugins. Risk managers use this report to begin a comprehensive review of the AI/LLM packages in systems and web applications, along with associated vulnerabilities, mitigating the risks of exploitation, data leakage, and unauthorized resource consumption.

AI/LLM technologies are promising and can transform many industries and businesses, offering new innovation and efficiency opportunities. However, the technology represents a huge security challenge at many layers, and this impact should not be overlooked. By using Tenable Security Center and Tenable Web App Scanning, the organization is able to take a security-first approach. When combined with best practices and robust governance policies, organizations can harness the power of AI/LLM and mitigate the associated emerging threats.

This report provides a detailed view of AI/LLM use by leveraging Nessus plugin 196906 to detect AI/LLM usage in 3 ways: browser extensions, applications, and file paths, all common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM).
By combining all methods of data collection, risk managers are able to identify problem areas and other risks associated with AI/LLM.

Chapters

Executive Summary: This chapter provides a detailed view of AI/LLM use by leveraging Nessus plugin 196906 to detect AI/LLM usage in 3 ways: browser extensions, applications, and file paths, all common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM).

AI/LLM Browser Extensions Chapter: This chapter provides the details for assets found to have one or more of the AI/LLM browser extensions detected by Nessus. The chapter searches through plugins that include certain keywords: GPT, Copilot, or AI. The AI/LLM Browser Detection chart shows the count of plugins related to the detection of GPT, AI, or Copilot AI or LLM browser extensions.

AI/LLM Software Detected Using Nessus: This chapter provides the details for assets found to have one or more of the AI/LLM software plugins detected by Nessus. The introductory matrix provides an indicator for all the matches found in the organization, followed by a chart and a table showing the affected assets.

AI/LLM Usage Detected Using Web Application Security: This chapter provides the details for web application assets found to have one or more of the AI/LLM detection plugins. The LLM/AI Usage Detected by WAS chart shows the count of plugins related to the detection of AI or LLM.
2022 Threat Landscape Report By www.tenable.com Published On :: Wed, 21 Dec 2022 16:55:50 -0500

2022 began with concerns over supply chains and Software Bills of Materials (SBOM) as organizations worldwide were forced to reconsider how they respond to incidents in anticipation of the next major event. Tenable's Security Response Team (SRT) continuously monitors the threat landscape throughout the year, always at the forefront of trending vulnerabilities and security threats. This dashboard provides a summary of Tenable data that has been compiled over the past year.

In a year marked by hacktivism, ransomware and attacks targeting critical infrastructure in a turbulent macroeconomic environment, organizations struggled to keep pace with the demands on cybersecurity teams and resources. Attacks against critical infrastructure remained a common concern. Ransomware continued to wreak havoc, even as some groups had operations shuttered by law enforcement, collapsed under the weight of internal power struggles, or splintered into new groups. New and complex vulnerabilities emerged, providing remediation challenges.

Perhaps most alarming is that the vulnerabilities of years past continue to haunt organizations. In fact, known flaws were so prominent in 2022 that they warranted a spot on Tenable's list of top vulnerabilities of 2022. We cannot stress this enough: threat actors continue to find success with known and proven exploitable vulnerabilities that organizations have failed to patch or remediate successfully.

The constant evolution of the modern digital environment introduces new challenges for security practitioners. Successful security programs must take a comprehensive approach and understand where the most sensitive data and systems reside and which vulnerabilities or misconfigurations pose the greatest risk.
Given the brisk rate of digital transformation, a complete understanding of the external attack surface is paramount. With thousands of new vulnerabilities patched each year, only a small subset will ever see active exploitation. Focusing resources on the vulnerabilities that are exploitable and understanding how attackers chain vulnerabilities and misconfigurations enables security teams to design comprehensive strategies to reduce their overall risk exposure.

The Tenable 2022 Threat Landscape Report (TLR) inspects key aspects of the cybersecurity landscape and describes how organizations can revise their programs to focus on reducing risk. The TLR covers:
Significant vulnerabilities disclosed and exploited throughout the year, including how common cloud misconfigurations can affect even large tech companies
The continuous transformation of the ransomware ecosystem and the rise of extortion-only threat groups
Ongoing risks, vulnerabilities and attacks within the software supply chain
Tactics used by advanced persistent threat groups to target organizations with cyber espionage as well as financially motivated attacks
Breach factors and the challenges in analyzing breach data, given the limited information available and lack of detailed reporting requirements
Details of the key vulnerabilities affecting enterprise software

Tenable Research delivers world-class cyber exposure intelligence, data science insights, alerts, and security advisories. The Tenable Research teams perform diverse work that builds the foundation of vulnerability management. The Security Response Team (SRT) tracks threat and vulnerability intelligence feeds and provides rapid insight to the Vulnerability Detection team, enabling them to quickly create plugins and tools that expedite vulnerability detection. This fast turnaround enables customers to gain immediate insight into their current risk posture. Tenable Research has released over 180,000 plugins and leads the industry on CVE coverage.
Additionally, the SRT provides breakdowns for the latest vulnerabilities on the Tenable Blog and produces an annual Threat Landscape Report. The SRT continuously analyzes the evolving threat landscape and authors white papers, blogs, Cyber Exposure Alerts, and additional communications to provide customers with comprehensive information to evaluate cyber risk.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.sc discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirement for this dashboard is: Nessus.

Components

TLR 2022 – Top 5 Vulnerabilities: This component features the top five vulnerabilities of 2022 as described in Tenable's 2022 Threat Landscape Report: Log4Shell (Apache Log4j, CVE-2021-44228); Follina (Microsoft Support Diagnostic Tool, CVE-2022-30190); Atlassian Confluence Server and Data Center (CVE-2022-26134); ProxyShell (Microsoft Exchange Server, CVE-2021-34473); and Known Vulnerabilities (CVE-20XX-XXXX).

2022 TLR – Mitigation Tasks: This component provides a list of patches that mitigate the key vulnerabilities in 2022, leveraging the CVEs identified in Tenable's 2022 Threat Landscape Report (TLR). The Remediation Summary tool uses the concept of a Patch Chain and identifies the top patch to be remediated for the greatest risk reduction. When the top patch is applied, all other patches in the chain will be remediated.

2022 TLR – 90 Day Trend Analysis of Key Vulnerabilities: This component provides a 90-day analysis of the most notable vulnerabilities in 2022, leveraging the CVEs identified in Tenable's 2022 Threat Landscape Report (TLR). There are over 180 CVEs discussed in the TLR, which, combined with the trend line, helps risk managers determine how risk has been reduced over a period of 90 days.
The vulnerability last observed filter is set to 1 day to display risk changes on a daily basis.

2022 TLR CVSS to VPR Heat Map: This component provides a correlation between CVSSv3 scores and Vulnerability Priority Rating (VPR) scoring for the key vulnerabilities listed in the 2022 Threat Landscape Report (TLR). CVSSv3 scores are the standard scoring system used to describe the characteristics and severity of software vulnerabilities. Tenable's VPR helps organizations refine the severity level of vulnerabilities in the environment by leveraging data science analysis and threat modeling based on emerging threats. Each cell comprises a cross-mapping of CVSS score, VPR score, and 2022 CVE identifiers. Using a heat map approach, the cells begin in the upper-left corner with the vulnerabilities that present the least risk. Moving right and down the matrix, the colors darken from yellow to red as the risk level increases. Tenable recommends that operations teams prioritize remediation for risks in the lower-right cells, and then work towards the upper-left cells.

2022 TLR – Zero Day Vulnerabilities by Software/Hardware Type: This component displays a list of software/hardware that had zero-day vulnerabilities described in the 2022 Threat Landscape Report (TLR). Each indicator uses the CVEs from the report across the entire 2022 year. Details are provided in Tenable's 2021 Threat Landscape Report (TLR).

2022 TLR Key Vulnerabilities: This component displays cells for the most significant vulnerabilities of 2022 using CVE filters from the 2022 Threat Landscape Report. These filters display the key vulnerabilities from 2022 as well as the notable legacy vulnerabilities from prior years. Details are provided in Tenable's 2022 Threat Landscape Report.
CIS Audit Summary By www.tenable.com Published On :: Tue, 25 Jul 2023 08:00:00 -0400

When dealing with compliance regulations, each organization can face a variety of potential risks. Without a full understanding of an organization's risk exposure, critical systems and data will be at risk of attacks or data leakage. The Center for Internet Security (CIS) developed a series of best practice benchmarks for a variety of applications, operating systems, servers, and databases used within organizations today. Each benchmark contains recommended security settings designed to harden systems and applications against attack while maintaining overall system functionality. The components in these dashboards present a summary of results gathered from CIS compliance scans using the CIS Benchmarks.

Tenable has been certified by CIS to perform a wide variety of platform and application audits based on the best practice consensus benchmarks developed by CIS. Tenable submits example test cases for all of the criteria within each unique benchmark, and then submits its results to CIS personnel for official certification. Tenable has developed audit files based on the CIS Benchmarks, tested them on systems, and had them approved and certified by CIS staff members. When performing managed scans with Tenable.sc, some CIS audits require additional patch audits and vulnerability checks. Any additional requirements for completing an audit using the CIS Benchmarks are included within the audit file description text. In some cases, multiple scans may be required, as Tenable provides both Level 1 and Level 2 audit checks. Level 1 checks provide minimum settings recommendations and are generally considered safe to apply to most systems. Level 2 checks include recommendations for complex or highly secure environments and can lead to reduced functionality of systems within the network.
Information presented within these dashboards includes a summary of the CIS audit checks currently supported by Tenable. Results highlight one of three severity levels, providing valuable information analysts can use to harden systems within the enterprise. The informational severity level is considered "Passed", indicating that the configuration setting matches the expected result of the audit check. Results assigned a medium severity must be evaluated by an analyst to determine whether the results are accurate or not. When an audit check fails, the severity is set to high, indicating that the collected result and the expected result do not match. Each failure should be reviewed, fixed, and re-scanned to ensure that the system has been secured properly. Using these benchmarks helps to assess the effectiveness of existing security controls on systems and provides the critical context needed to strengthen an organization's security posture. If needed, audit files can be modified to an organization's specific requirements. Additional information on how to edit audit files can be found within the "Nessus Compliance Checks" document in the Support Portal.

These dashboards are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboards can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:
Tenable.sc 5.2.0
Nessus 8.6.0
CIS Audit Files
Compliance Data

In order to maintain the overall security of systems and data within the enterprise, organizations must have an effective and repeatable way to measure compliance results. Tenable.sc helps organizations obtain results using the CIS Benchmarks by measuring compliance in real time, providing an accurate assessment of an organization's security posture.
By prioritizing remediation actions for misconfigured systems, the organization can maximize its investment in compliance reporting and system hardening efforts. With more supported technologies than any other vendor, Tenable assists organizations in obtaining the most comprehensive view of the network and the intelligence needed to assess and protect systems using CIS compliance standards.

There are 3 dashboards with over 40 individual components. As with all dashboards in Tenable.sc, individual components can be rearranged, edited, or removed to focus on the components of interest. To edit or delete a component, click on the Gear menu in the upper-right title area of a component and select the appropriate menu item. Components can be rearranged using drag and drop. To change the visual display of the entire dashboard, for example from 3 columns to 2 columns or 1 column, select Edit Dashboard from the Options menu and choose a layout style. The following dashboards are available:

CIS Audit Summary (Networking and Applications): This dashboard provides the components for application servers (Apache, MongoDB, Oracle, RDMS), networking or container-based services (Cisco, Docker, Kubernetes, Palo Alto, VMware ESXi) and other similar benchmarks.
CIS Audit Summary (Microsoft): This dashboard provides the components for all Microsoft benchmarks, including servers, workstations, and various other applications.
CIS Audit Summary (Linux Benchmarks): This dashboard provides the components for AlmaLinux, Rocky Linux, Amazon Linux, CentOS, Debian, Fedora, HP-UX, macOS, NGINX, RedHat, SUSE, and other similar operating systems.
Web Services By www.tenable.com Published On :: Mon, 14 Aug 2023 17:23:25 -0400

Web applications often have the ability to interface with system functions and critical databases to add or modify data. By design, web applications need to enable customers and users to access this data. This capability means that attackers are often able to leverage the same forms or other data entry methods to exploit flaws in web frameworks or other related software and bypass access controls. Web applications exist on remote servers or in cloud environments, and their data is transmitted over public networks, presenting a very real and present attack path within the organization's overall attack surface. Web application security is a critical aspect of ensuring the confidentiality, integrity, and availability of web applications.

This dashboard provides a combined view of data collected using the Tenable Web App Scanner and Tenable Vulnerability Management using Nessus. Organizations need to know what web services are operating in the environment to ensure these web services are analyzed for currently known vulnerabilities and attacks. Tenable Security Center along with Web Application Scanning provides a thorough view of risks related to web services. Leveraging both scan methods enables the security operations team and application developers to see risk and threat vectors from application frameworks and from vulnerabilities on the host servers themselves. Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, provide risk managers insight into methods used by adversaries to exploit common flaws and misconfigurations. Tenable Web Application Scanner attributes vulnerabilities using the Cross Reference field to link to all published OWASP versions. Upon completion of the web application scan, the vulnerabilities detected and linked to OWASP 2021 provide an industry best practice approach to mitigating vulnerabilities.
The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Threat Detection & Vulnerability Assessments. The requirements for this dashboard are:
Tenable Security Center 6.2.0
Tenable Nessus X.Y.Z
Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Scanner discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Components

Web Services - WAS Highest Vulnerabilities by Plugin Family: This component provides a summary of the highest-risk vulnerabilities (severity Medium to Critical) collected using Tenable Web App Scanner. The Plugin Family Summary tool enables security teams to see at a high level the percentage of high-risk vulnerabilities. In addition to the severity filter, a new filter called Web App Scanning, set to "Only Web App Results", ensures that only the vulnerabilities collected from the web application scan are presented. The drill down also goes straight to the "Web App Scanning" tab in the Analysis view.

Web Services - Most Critical Web Application Vulnerabilities Discovered by Nessus: This component provides a summary of the highest-risk vulnerabilities (severity Medium to Critical) collected using Nessus. The Plugin Family Summary tool enables security teams to see at a high level the percentage of high-risk vulnerabilities. The component also uses the Plugin Family filter and selects only the CGI and Web Server families.
In addition to the severity and Plugin Family filters, a new filter called Web App Scanning, set to "Exclude Web App Results", ensures that only the vulnerabilities collected from a Nessus scan are presented.

Web Services - Host and Web Application SSL Vulnerabilities: This matrix compares the web server related vulnerabilities by severity and collection method. Each row is separated using the Web App Scanning filter. The top row has the filter set to "Exclude Web App Results" and the bottom row is set to "Only Web App Results". This view allows the security operations team to get a side-by-side view of web-based vulnerabilities linked by severity.

Web Services - Most Critical OWASP 2021 Categories: This matrix provides an indicator for each OWASP 2021 category where vulnerabilities were detected using the Tenable Web App Scanner. In addition to the Cross Reference filter, the matrix uses CVSSv3 vectors to identify a higher level of risk. The vectors used are: Attack Vector: Network (AV:N), Attack Complexity: Low (AC:L), Privileges Required: None (PR:N). If a vulnerability has any of these vectors applied, the asset is at greater risk of exploitation, and the vulnerability needs to be addressed immediately.

Web Services - Web App Vulnerabilities over last 50 days: This component provides a trend summary of the highest-risk vulnerabilities (severity Medium to Critical) collected using Tenable Web App Scanner. The data points are calculated with the Vulnerability Last Observed filter set to within the last day, so each query point in the graph shows the total vulnerabilities that were seen since the previous query point. In addition to the date and severity filters, a new filter called Web App Scanning, set to "Only Web App Results", ensures that only the vulnerabilities collected from the web application scan are presented.
Tenable Web App Scanning Overview By www.tenable.com Published On :: Mon, 21 Aug 2023 13:21:54 -0400

The prevalence of web applications makes them a prime target for cyber criminals. Failure to secure web applications can lead to serious financial and reputational consequences. This dashboard provides a high-level summary of vulnerability data discovered by Tenable Web App Scanning. Tenable Web App Scanning provides comprehensive and accurate vulnerability scanning and risk analysis by mapping OWASP Top 10 risks to vulnerable web application components.

Tenable provides comprehensive and automated vulnerability scanning for modern web applications using Dynamic Application Security Testing (DAST). Security and development teams leverage these detailed vulnerability scans of the application at any point in the development lifecycle and are able to understand the true security risks of the web application. Tenable Security Center uses a comprehensive list of attributes to increase visibility into web application vulnerabilities. Risk managers are able to focus on the security challenges that pose the greatest threat and most risk by leveraging Common Vulnerability Scoring System (CVSS) and OWASP references. The dashboard provides a detailed view of the web application components and custom code vulnerabilities. Additionally, vulnerability details related to Log4j are provided, displaying any detected applications that are found to be vulnerable to Log4j exploits.

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Security Industry Trends.
The requirements for this dashboard are:
Tenable Security Center 6.2.0
Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Components

Web App Scanning - Statistics: The matrix provides a quick overview of actionable metrics collected using Nessus and Tenable Web App Scanner. The first column shows a count of vulnerabilities with a CVSSv3 score present, followed by the most critical vulnerabilities, those with a CVSSv3 score greater than 9. The "Needs Review" column displays the vulnerabilities with a CVSSv3 base score of 5 to 8. The "Remediated" column shows all vulnerabilities with a CVSSv3 score greater than 5 that have been remediated. The last two columns are focused on OWASP-based vulnerabilities. The matrix provides two rows, the top showing vulnerabilities detected by Nessus and the bottom showing vulnerabilities detected by Tenable Web App Scanner.

Web App Scanning - Log4Shell Vulnerabilities: This chart presents a list of Log4Shell vulnerabilities detected by both Nessus and Tenable Web App Scanning. The chart uses the plugin name string and "Include Web App Results" to provide ring segments for each discovered vulnerability. Tenable recommends that these applications be prioritized immediately for remediation efforts.

Web App Scanning - OWASP 2021 Categories: This matrix provides a count of assets and vulnerabilities for each OWASP 2021 category that were detected using the Tenable Web App Scanner. Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, enable risk managers to gain insight into methods used by adversaries to exploit common flaws and misconfigurations. Tenable Web App Scanner attributes vulnerabilities using the Cross Reference field to link to all published OWASP versions.
Upon completion of the web application scan, the vulnerabilities detected and linked to OWASP 2021 provide an industry best practice approach to mitigating vulnerabilities.

Web App Scanning - Tenable Detected Applications Vulnerable to Log4Shell: The table presents a list of assets detected by both Nessus and Tenable Web App Scanning that are vulnerable to Log4Shell. The table uses the plugin name string and "Include Web App Results" to provide entries for assets with the Log4Shell vulnerability. Tenable recommends that these applications be prioritized immediately for remediation efforts.
WAS Executive Summary By www.tenable.com Published On :: Mon, 21 Aug 2023 19:41:49 -0400

From e-commerce to online banking, the world is interconnected with web applications. The internet provides a contactless method to conduct office meetings, engage with healthcare professionals, shop, attend classes, and more. Protecting data has never been more important. Failure to secure web applications can lead to serious financial and reputational consequences. According to statistics published in Tenable's Threat Landscape Report, web application vulnerabilities continue to pose a significant threat to organizations.

Web application security refers to the practices employed to detect and mitigate threats and vulnerabilities that may compromise the confidentiality, integrity, and availability of web applications. As the internet has evolved to become an integral part of how organizations conduct business, web applications have become increasingly popular and essential to meeting business requirements. This growing popularity of web applications and online transactions provides lucrative targets for cybercriminals. Data presented within this dashboard highlights the most vulnerable web applications and the assets at risk of exploitation.

This dashboard leverages data from Tenable Web App Scanning, a comprehensive and automated vulnerability scanning tool for modern web applications. Organizations can perform Dynamic Application Security Tests (DAST) on any application, anywhere, at any point in the application lifecycle. Of specific importance is the ability of Tenable Web App Scanning to scan for vulnerabilities from the Open Web Application Security Project (OWASP) Top 10 risks and provide comprehensive and accurate vulnerability data. The Open Web Application Security Project (OWASP) is a non-profit foundation that provides community-driven consensus insight into web application security concerns.
The OWASP Top 10 list highlights several different aspects of web-based security, such as Cross-Site Scripting attacks, security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable aspects of web applications across the internet. Following these guidelines enables organizations to reduce the risk of organizational and customer data theft. In addition, Common Vulnerabilities and Exposures (CVE) and other configuration tests provide insight into thousands of related vulnerabilities and misconfigurations. Vulnerability data presented in this dashboard leverages all the gathered web application vulnerability information to provide organizations with a method to break the vulnerability cycle. The data provided in the dashboard enables organizations to better communicate risk, prioritize patching efforts, and reduce the attack surface.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirement for this dashboard is: Tenable Web App Scanning.

Components

Top 100 Most Vulnerable Web Applications (Last 14 Days): The table displays a list of the vulnerabilities for each application, from most severe to least severe. This information enables analysts to prioritize remediation efforts by identifying the top vulnerabilities whose remediation will reduce the organization's overall attack surface.

Top 100 WAS Vulnerabilities by Plugins (Last 14 Days): This table provides a list of web application vulnerabilities that have been seen within the last 14 days as well as the total number of instances of each vulnerability. The Plugin Family is displayed as well as the Plugin ID and Severity of each vulnerability.
This information enables analysts to prioritize remediation efforts by identifying the top vulnerabilities whose remediation will reduce the organization's overall attack surface.

Web App Vulnerabilities by State: This matrix provides a view into the vulnerability life cycle for web applications. Tracking web application vulnerabilities through each state provides management with information on the progress of risk mitigation efforts.

Top 2021 OWASP Categories Discovered in the Last 14 Days: This matrix displays active web application vulnerabilities from Tenable Web App Security by OWASP category for 2021. A row is displayed for assets and a row for vulnerabilities for each OWASP category.
science and technology OWASP Categories By www.tenable.com Published On :: Tue, 22 Aug 2023 11:24:59 -0400 Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP) to help educate developers and security professionals on the latest web application security risks. This dashboard provides organizations the ability to monitor web applications by identifying the top 10 most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for 2021. The OWASP Application Security Risks document outlines several different categories of web-based security concerns, such as Cross-Site Scripting (XSS) attacks, security misconfigurations, and sensitive data exposure. OWASP's focus is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce the risk of organizational and consumer data theft. Administrators need to ensure that their organization is not vulnerable to any of the attacks identified by OWASP. Remediating compliance-related issues, such as known vulnerable components and insufficient logging, is important to eliminate gaps in an organization's infrastructure that are not directly tied to exploitable attacks. These dashboards are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboards can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are: Tenable.sc 6.2.0 and Tenable Web Application Scanning. This dashboard covers all versions of the OWASP Top 10 from 2010 to 2021, and provides administrators the tools and information needed to aid their efforts. The dashboard provides a comparative view between versions, using the cross-reference field populated by plugins. 
The information will guide organizations on the actions needed to mitigate business risk through strong security practices. Components: WAS Data Concerns: This bar chart displays current (2021) OWASP vulnerability counts, sorted by plugin family and severity. According to OWASP, "the Top 10 represents a broad consensus about the most critical security risks to web applications." Identifying and fixing these issues provides organizations with a solid foundation for secure web development. OWASP Categories by URL: This component displays vulnerability status counts for each Uniform Resource Locator (URL) within the organization. The URLs are sorted from those with the highest, most severe vulnerabilities to the least severe. Each URL has a graph of results for each severity category. OWASP Versions by State: This matrix displays the current and all previous OWASP versions, with a column for each state (New, Current, Resurfaced, Fixed). This information assists organizations in identifying, for each OWASP version, OWASP vulnerabilities that are new, currently active, previously mitigated but resurfaced, or fixed. OWASP Versions by Severity: This matrix displays the current and all previous OWASP Top 10 versions with severity columns from Critical to Low. Each cell displays the count of web application vulnerabilities associated with that OWASP Top 10 release and severity level. This information assists organizations in identifying the most severe OWASP vulnerabilities for the OWASP version in use. Full Article
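The state columns above (New, Current, Resurfaced, Fixed) are a small state machine driven by consecutive scan results. The example below is added here and is not Tenable's code: it tracks each finding, keyed by (URL, plugin ID), across scans, assigns the four states, and rolls them up per OWASP category using a plugin-to-category mapping that stands in for the cross-reference field the dashboard filters on. The scans, URLs and plugin IDs (98001 and so on) are constructed and hypothetical.

```python
"""Track web application findings through the lifecycle states used by the
"Web App Vulnerabilities by State" and "OWASP Versions by State" components:
New, Current, Resurfaced and Fixed.

Added example, not Tenable code. A finding is keyed by (URL, plugin ID); each
scan contributes the set of keys it observed, and the plugin-to-OWASP mapping
stands in for the cross-reference field the dashboard filters on.
"""
from dataclasses import dataclass, field

NEW, CURRENT, RESURFACED, FIXED = "New", "Current", "Resurfaced", "Fixed"
STATES = (NEW, CURRENT, RESURFACED, FIXED)


@dataclass
class StateTracker:
    open_keys: set = field(default_factory=set)   # seen in the latest scan
    fixed_keys: set = field(default_factory=set)  # seen before, absent now
    states: dict = field(default_factory=dict)    # key -> state after latest scan

    def ingest(self, observed):
        """Apply one scan's observed keys and return {key: state}."""
        result = {}
        for key in observed:
            if key in self.open_keys:
                result[key] = CURRENT          # still present
            elif key in self.fixed_keys:
                result[key] = RESURFACED       # was fixed, came back
            else:
                result[key] = NEW              # never seen before
        # Anything previously open or fixed that this scan did not see is Fixed.
        for key in (self.open_keys | self.fixed_keys) - set(observed):
            result[key] = FIXED
        self.open_keys = set(observed)
        self.fixed_keys = {k for k, s in result.items() if s == FIXED}
        self.states = result
        return result

    def counts(self):
        """State -> number of findings, the totals the matrix cells show."""
        c = dict.fromkeys(STATES, 0)
        for s in self.states.values():
            c[s] += 1
        return c


def owasp_matrix(states, xref):
    """Rows = OWASP category (from plugin cross-reference), columns = state."""
    matrix = {}
    for (_url, plugin_id), state in states.items():
        row = matrix.setdefault(xref.get(plugin_id, "Uncategorized"),
                                dict.fromkeys(STATES, 0))
        row[state] += 1
    return matrix


# Constructed scans; plugin IDs and URLs are hypothetical.
XREF = {98001: "A03:2021-Injection",
        98002: "A05:2021-Security Misconfiguration",
        98003: "A07:2021-Identification and Authentication Failures"}
SCANS = [
    {("https://app.example/search", 98001), ("https://app.example/api", 98002),
     ("https://app.example/login", 98003)},
    {("https://app.example/api", 98002), ("https://app.example/login", 98003)},
    {("https://app.example/search", 98001), ("https://app.example/login", 98003),
     ("https://app.example/admin", 98002)},
]


def run_scans(scans=SCANS):
    """Feed scans in order; return the tracker after the last one."""
    tracker = StateTracker()
    for observed in scans:
        tracker.ingest(observed)
    return tracker


if __name__ == "__main__":
    t = run_scans()
    print(t.counts())
    for category, row in owasp_matrix(t.states, XREF).items():
        print(category, row)
```

After the third constructed scan the search finding is Resurfaced (fixed in scan two, back in scan three), the api finding is Fixed, the admin finding is New and the login finding is Current, one of each. A finding that has been fixed stays in the Fixed column on every later scan until it is observed again; only then does it move to Resurfaced, which is what makes that column worth watching.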
science and technology File Transfer Solutions Targeted by CL0P Ransomware Group By www.tenable.com Published On :: Wed, 08 Nov 2023 15:43:19 -0500 The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations, and the stolen information is used to extort victims into paying ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions. Research conducted as part of security audits has revealed additional vulnerabilities. This dashboard contains a list of vulnerabilities known to be exploited by the CL0P ransomware group as well as other vulnerabilities that could be leveraged by CL0P and other threat actors. Operations teams can use this data to identify the assets affected by the CVEs targeted by the CL0P ransomware group. The following Nessus plugins identify the affected vulnerabilities: 90190: Progress MOVEit Transfer Installed (Windows); 176735: Progress MOVEit Transfer Web Interface Detection; 176736: Progress MOVEit Transfer FTP Detection; 176567: Progress MOVEit Transfer; 177371: Progress MOVEit Transfer Critical Vulnerability (June 15, 2023). Note that 90190, 176735 and 176736 are detection plugins that identify MOVEit Transfer installations and exposed services rather than confirm a vulnerable version; they are useful for inventory, but only the remaining plugins report the vulnerability itself. The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Security Industry Trends. The requirements for this dashboard are: Tenable Security Center 6.1.1 and Tenable Nessus 10.5.2. The Security Response Team (SRT) in Tenable Research digs into technical details and tests proof-of-concept attacks, when available, to ensure customers are fully informed of risks. 
The SRT also provides breakdowns of the latest vulnerabilities on the Tenable blog. Tenable Research has posted the blog post "FAQ for MOVEit Transfer Vulnerabilities and CL0P Ransomware Gang" to provide the latest information about this threat. Components: CL0P Ransomware Group MOVEit – This table displays assets that are vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Progress Software’s MOVEit Transfer solutions. The component specifically provides results for plugin IDs 90190, 176735, 176736, 176567, 177082, and 177371. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS name, DNS name, and OS CPE of any identified vulnerable assets, and the vulnerability severity bar. CL0P Ransomware Group Fortra GoAnywhere MFT – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Fortra GoAnywhere Managed File Transfer (MFT). The component specifically provides results for plugin IDs 171845, 171558, 171771, and 113896. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS name, DNS name, and OS CPE of any identified vulnerable assets, and the vulnerability severity bar. CL0P Ransomware Group Accellion File Transfer – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) through CGI abuses related to Accellion Secure File Transfer. The component specifically provides results for plugin IDs 85007, 146927, and 154933. These vulnerabilities are associated with a zero-day that is actively being exploited by the CL0P Ransomware Group. 
The table displays the IP address, NetBIOS name, DNS name, and OS CPE of any identified vulnerable assets, and the vulnerability severity bars. CL0P Ransomware Group Patched Assets – This table displays vulnerabilities that have been remediated and that relate to recent targeted attacks by the CL0P Ransomware Group (aka TA505). The remediated vulnerabilities displayed are specifically those affecting Progress Software’s MOVEit Transfer solutions, Fortra GoAnywhere Managed File Transfer, and Accellion Secure File Transfer. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the Plugin ID, Vulnerability Name, Plugin Family, Severity, and Total of remediated vulnerabilities. Full Article
science and technology Tenable Research Advisories: Urgent Action By www.tenable.com Published On :: Mon, 20 Nov 2023 09:00:00 -0500 Tenable Research delivers world class exposure intelligence, data science insights, zero-day research and security advisories. Our Security Response Team (SRT) in Tenable Research tracks threat and vulnerability intelligence feeds to make sure our research teams can deliver sensor coverage to our products as quickly as possible. The SRT also digs into technical details and authors white papers, blogs, and additional communications to ensure stakeholders are fully informed of the latest cyber risks and threats. The SRT provides breakdowns of the latest critical vulnerabilities on the Tenable blog. When security events rise to the level of requiring immediate action, Tenable, leveraging SRT intelligence, notifies customers proactively to provide exposure information, current threat details, and guidance on how to use Tenable products and capabilities to accelerate remediation. This dashboard contains indicator-style components that highlight any vulnerabilities related to the Tenable Research Advisories in which Tenable issued customer guidance that immediate remediation was of paramount importance to all affected organizations. Tenable recommends addressing the missing patches identified in the dashboard components. The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Security Industry Trends. The dashboard requirements are: Tenable.sc 6.2.0 and Nessus 10.6.1. The following components are included in this dashboard: Research Advisories - Citrix NetScaler ADC and NetScaler Gateway: In August 2023, Mandiant identified zero-day exploitation impacting NetScaler ADC and NetScaler Gateway appliances. 
When NetScaler ADC or NetScaler Gateway is configured as a gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, an unauthenticated attacker could exploit the device in order to hijack an existing authenticated session. Depending on the permissions of the hijacked account, this could allow the attacker to gain additional access within a target environment and collect other account credentials. Because the attacker takes over a session that has already been authenticated, successful exploitation bypasses multi-factor authentication (MFA) requirements. Research Advisories - curl Heap Overflow and Cookie Injection: On October 3, an open-source developer and maintainer of curl took to X (formerly Twitter) to announce that a new high severity CVE would be fixed in curl 8.4.0. The developer noted that the release would be ahead of schedule and released on October 11, indicating in a reply to the thread that this is 'the worst security problem found in curl in a long time.' Research Advisories - MOVEit: The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations, and the stolen information is used to extort victims into paying ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions. Research Advisories - log4shell: This matrix alerts organizations to potential concerns regarding the Log4j vulnerability. Displayed are the vulnerabilities that are directly associated with the log4shell CVEs (CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-4104, and CVE-2021-45105) and Log4j installations. 
Research Advisories - CISA Alerts AA22-011A and AA22-047A: On November 3, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 22-01, and on January 11, 2022 CISA issued alert AA22-011A warning of increased risk to U.S. critical infrastructure. A total of 18 CVEs can be associated with this alert. Hosts and vulnerabilities identified and mitigated are displayed using the referenced CVEs. Research Advisories - PrintNightmare: On July 1, Microsoft released an advisory for CVE-2021-34527. This advisory was released in response to public reports about a proof-of-concept (PoC) exploit for CVE-2021-1675, a similar vulnerability in the Windows Print Spooler. To help clear up confusion about the vulnerability, Microsoft updated its advisory for CVE-2021-1675 to clarify that it is similar to but distinct from CVE-2021-34527. On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for CVE-2021-34527, a critical vulnerability in the Windows Print Spooler that researchers have dubbed PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. Research Advisories - MS Exchange ProxyLogon: On March 2, 2021 Microsoft released several critical security updates for zero-day Microsoft Exchange Server vulnerabilities, and reported that the vulnerabilities were being actively exploited by threat actors. Within a single week, thousands of organizations worldwide fell victim. Tenable released several plugins for Exchange Server 2010, 2013, 2016 and 2019, which can be used to determine which Exchange Server systems in your environment are vulnerable. Full Article
science and technology AI/LLM Findings Dashboard By www.tenable.com Published On :: Mon, 05 Aug 2024 09:53:56 -0400 In an era of rapidly evolving Artificial Intelligence/Large Language Model (AI/LLM) technologies, cybersecurity practitioners face significant challenges in monitoring unauthorized AI solutions, detecting AI vulnerabilities, and identifying unexpected AI/LLM development. Tenable Security Center leverages several detection technologies, namely agents, passive network monitoring, dynamic application security testing, and distributed scan engines, to surface AI/LLM software, libraries, and browser plugins. Risk managers use this dashboard to begin a comprehensive review of the AI/LLM packages in systems and web applications, along with associated vulnerabilities, mitigating the risks of exploitation, data leakage, and unauthorized resource consumption. This dashboard provides a detailed view of AI/LLM use by leveraging Nessus plugin 196906 to detect AI/LLM usage in three ways: browser extensions, applications, and file paths common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). By combining all methods of data collection, risk managers are able to identify problem areas and other risks associated with AI/LLM. AI/LLM technologies are promising and can transform many industries and businesses, offering new innovation and efficiency opportunities. However, the technology represents a huge security challenge at many layers, and this impact should not be overlooked. By using Tenable Security Center and Tenable Web App Scanning, organizations are able to take a security-first approach. 
When combined with best practices and robust governance policies, organizations can harness the power of AI/LLM and mitigate the associated emerging threats. Components: AI/LLM Software Known to Nessus: This column chart provides summary counts of AI/LLM use by leveraging Nessus plugin 196906. It uses the Plugin ID filter and the Plugin Output filter to show the AI/LLM applications found on assets scanned using Nessus. Each label displayed is the pattern added to the plugin output search. This search gives security managers a simple starting point for understanding AI usage. AI/LLM Top 5 Applications: This matrix provides counts for the five most commonly used AI/LLM applications as identified by Tenable Research. The cells use the Plugin ID filter (196906) and the Plugin Output filter to show each AI/LLM application. Each label displayed is the pattern added to the plugin output search. This search gives security managers a simple starting point for understanding AI usage. The top 5 list consists of: TensorFlow, NumPy, H2O Flow, HuggingFace, and scikit-learn. AI/LLM Detection Statistics: This matrix provides summary counts of AI/LLM use by leveraging Nessus plugin 196906 to detect AI/LLM usage in three ways: browser extensions, applications, and file paths common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web App Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). By combining all methods of data collection, risk managers are able to identify problem areas and other risks associated with AI/LLM. AI/LLM Software Detected by NNM & WAS: AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). 
By combining all methods of data collection, risk managers are able to identify problem areas and other risks associated with AI/LLM. AI/LLM Browser Extensions: This matrix provides summary counts of AI/LLM use by leveraging Nessus plugin 196906. The cells use the Plugin ID filter and the Plugin Output filter to show the AI/LLM browser extensions grouped into three search patterns. Each label displayed is the pattern added to the plugin output search. This search gives security managers a simple starting point for understanding AI usage. Full Article
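The Plugin Output filters described above (one cell per search pattern, one count per detection method) can be reproduced over raw plugin output. The example below is added here and is not Tenable's code: the line layout it parses (`application: ...`, `browser_extension: ...`, `file_path: ...`) and the regexes behind the five labels are assumptions, since the page does not show plugin 196906's real output format, and the three hosts' output is constructed.

```python
"""Summarise Nessus plugin 196906 (AI/LLM usage) output the way the dashboard's
Plugin Output filters do: one asset count per search pattern (the cell labels)
and one per detection method. Added example, not Tenable code; the output
layout and regexes are assumptions, the host data is constructed.
"""
import re
from collections import Counter

# Dashboard cell label -> the (assumed) pattern its Plugin Output filter searches for.
APP_PATTERNS = {
    "TensorFlow": r"tensorflow",
    "NumPy": r"numpy",
    "H2O Flow": r"\bh2o\b",
    "HuggingFace": r"huggingface|transformers",
    "scikit-learn": r"scikit[-_]?learn|\bsklearn\b",
}
METHODS = ("browser_extension", "application", "file_path")
# Assumed line layout: "<method>: <detail>"; anything else is ignored.
LINE_RE = re.compile(r"^\s*(browser_extension|application|file_path)\s*:\s*(.+?)\s*$", re.I)

SAMPLE_OUTPUTS = {  # constructed plugin output per host
    "ml-build-01": (
        "application: tensorflow 2.15.0 (/opt/venv/lib/python3.11/site-packages/tensorflow)\n"
        "application: numpy 1.26.4\n"
        "file_path: /home/build/.cache/huggingface/hub\n"),
    "analyst-laptop-07": (
        "browser_extension: ChatGPT sidebar (Chrome)\n"
        "application: scikit-learn 1.4.2\n"
        "application: numpy 1.26.4\n"),
    "data-sci-03": (
        "application: h2o 3.44.0\n"
        "file_path: /srv/h2o-flow/notebooks\n"
        "banner text the parser ignores\n"),
}


def parse_output(text):
    """[(method, detail), ...] for every recognised line, in order."""
    found = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            found.append((m.group(1).lower(), m.group(2)))
    return found


def labels_for(text):
    """Cell labels an asset's output satisfies; an asset counts once per label."""
    return [label for label, pat in APP_PATTERNS.items() if re.search(pat, text, re.I)]


def summarize(outputs):
    """outputs: {host: plugin output}. Returns (assets per label, assets per method)."""
    per_label, per_method = Counter(), Counter()
    for text in outputs.values():
        per_label.update(labels_for(text))
        per_method.update({method for method, _ in parse_output(text)})
    return per_label, per_method


def top_applications(per_label, n=5):
    """The "Top 5 Applications" cells: labels ordered by asset count."""
    return [label for label, _ in per_label.most_common(n)]


if __name__ == "__main__":
    labels, methods = summarize(SAMPLE_OUTPUTS)
    print("assets per method:", dict(methods))
    print("top applications:", top_applications(labels))
```

Two details mirror how the dashboard counts: an asset contributes at most one to each label even when the pattern matches several lines of its output (the `numpy` host with two matching lines still counts once), and the method counts are per asset, not per line. A loose pattern such as `transformers` will also match unrelated software, so treat the cells as a starting inventory to verify, not as a confirmed AI/LLM footprint.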
science and technology Outstanding Remediations Tracking By www.tenable.com Published On :: Thu, 19 Sep 2024 08:00:00 -0400 One of the common questions asked of the IT team is “how many systems are missing patches, and how many patches are missing on each system?” This dashboard uses the “Patch Report” plugin to organize the current patch status for systems scanned with credentials. The IT team can then easily communicate to executives which systems are missing patches. The Nessus "Patch Report" plugin (66334) summarizes all of the missing patches and general remediation actions required to remediate the discovered vulnerabilities on a given host. Instead of counting the number of vulnerabilities, the plugin lists the applications that need to be upgraded. This approach is not only much easier for IT administrators to consume, but the count of applications also provides a measure of how much "work" is required to secure a system. The dashboard provides risk guidance using the “Remediation Summary” tool. This tool works by employing a concept called the “top patch”. Tenable Security Center uses proprietary technology to identify a chain of patches; the first patch in the chain is called the “top patch”, and if it is applied, all subsequent vulnerabilities in the chain are remediated at the same time. Using both the Remediation Summary tool and the “Patch Report” plugin, the organization can better plan remediation efforts. The dashboard and its components are available in the Tenable Security Center Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Executive. 
The dashboard requirements are: Tenable Security Center and Nessus. This dashboard requires “Full Text Search” to be enabled for each analyzed repository; the trending component in particular does not work without it. Tenable Security Center has the ability to identify all discoverable vulnerabilities, eliminating blind spots. Tenable detects missing patches, incorrect configurations, lapsed defenses, incomplete monitoring and network intruders so that you can mitigate them. Tenable Security Center can show risk across all systems, enabling informed decisions. Tenable’s approach to continuous monitoring reaches across cloud, virtual, mobile and traditional systems and measures attack vectors in each of these domains. Tenable Security Center provides a unique combination of detection, reporting, and pattern recognition utilizing industry-recognized algorithms and models. By providing that single point of data collection, Tenable.sc enables sharing of vulnerability scanning results across technical groups and business owners. Tenable.sc is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits. Components: Remediations Tracking - Top 25 Remediations: This component provides the top 25 remediation actions that can be taken to reduce overall risk. The table is sorted using vulnerability weight scores, which are configured per organization and may therefore differ between organizations. To determine the score weights, log in with the admin account, edit your organization and then select “Analysis”. In the upper right-hand corner, there are four scores, one for each severity level. The default scores are: critical = 40, high = 10, medium = 3 and low = 1. 
The vulnerability weight helps to determine the fully calculated score used in risk analysis. The Outstanding Remediations - Time Since Patch Publication (Assets) matrix displays the total count of missing patches across the environment. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR ranges are displayed as column headers using traditional severity text: Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9. Each row filters the vulnerabilities by patch publication date: less than 30 days ago, Current Quarter, Last Quarter, Current Year, Last Year, and greater than 365 days. Because these rows overlap (a patch published this month also falls in the current quarter and the current year), the row counts are not additive. The End of Life Software Detection table displays a list of software that is no longer supported by the vendor. The table is sorted by the count column, which lists the total number of assets affected by the unsupported software package. The filter used is Plugin Name matches "Unsupported". Tenable recommends that assets found here be upgraded to a supported version as soon as possible, since vendors no longer publish advisories or patches for end-of-life software, so its true vulnerability count is understated. The Outstanding Remediations by Device Type (Vulnerabilities) matrix displays the total count of missing patches by device type. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR ranges are displayed as column headers using traditional severity text: Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9. Each row groups devices by type, such as Linux, Windows, or macOS devices. 
The count in each cell represents the number of vulnerabilities present for that device group and VPR range. Full Article
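Two pieces of the dashboard above are worth seeing as code: how a Remediation Summary ranks patches once the severity weights (critical 40, high 10, medium 3, low 1) and the "top patch" idea are applied, and how findings land in the VPR x patch-age matrix. The example below is added here and is not Tenable's code. The findings, hosts, patch labels (KB-JAN and so on) and dates are constructed, and the supersedence rule used to find the top patch (follow the chain until a patch that nothing supersedes) is an illustration of the idea the dashboard text describes, not Tenable's proprietary logic.

```python
"""Rank remediations the way the "Top 25 Remediations" table does and bin
outstanding findings into the VPR x patch-age matrix.

Added example (not Tenable code) over constructed findings. The "top patch"
rule here is an illustration of the documented idea, not Tenable's proprietary
logic; the weights are the documented defaults and can be overridden.
"""
from datetime import date

DEFAULT_WEIGHTS = {"critical": 40, "high": 10, "medium": 3, "low": 1}
AGE_ROWS = ("< 30 Days", "Current Quarter", "Last Quarter",
            "Current Year", "Last Year", "> 365 Days")
COLUMNS = ("Exploitable", "Critical", "High", "Medium", "Low")
TODAY = date(2024, 9, 19)  # constructed "scan date" for the age buckets

# Constructed findings; patch labels (KB-JAN, ...) are hypothetical.
FINDINGS = [
    {"host": "web-01", "severity": "critical", "vpr": 9.6, "exploitable": True,
     "patch_published": date(2024, 1, 9), "solution": "KB-JAN"},
    {"host": "web-01", "severity": "high", "vpr": 7.4, "exploitable": False,
     "patch_published": date(2024, 2, 13), "solution": "KB-FEB"},
    {"host": "web-02", "severity": "critical", "vpr": 9.1, "exploitable": True,
     "patch_published": date(2024, 3, 12), "solution": "KB-MAR"},
    {"host": "db-01", "severity": "medium", "vpr": 5.2, "exploitable": False,
     "patch_published": date(2024, 6, 4), "solution": "openssl-update"},
    {"host": "db-01", "severity": "critical", "vpr": 9.8, "exploitable": True,
     "patch_published": date(2021, 12, 28), "solution": "log4j-update"},
    {"host": "app-03", "severity": "low", "vpr": 3.5, "exploitable": False,
     "patch_published": date(2024, 9, 3), "solution": "httpd-update"},
]
# Newer cumulative patches supersede older ones: KB-JAN -> KB-FEB -> KB-MAR.
SUPERSEDES = {"KB-JAN": "KB-FEB", "KB-FEB": "KB-MAR"}


def top_patch(solution, supersedes):
    """Follow the supersedence chain to the patch nothing else supersedes."""
    seen = set()
    while solution in supersedes:
        if solution in seen:
            raise ValueError("cycle in supersedence data at %r" % solution)
        seen.add(solution)
        solution = supersedes[solution]
    return solution


def remediation_summary(findings, supersedes, weights=DEFAULT_WEIGHTS):
    """Rows of (top patch, weighted score, hosts fixed, vulns fixed), best first."""
    agg = {}
    for f in findings:
        entry = agg.setdefault(top_patch(f["solution"], supersedes),
                               {"score": 0, "hosts": set(), "vulns": 0})
        entry["score"] += weights[f["severity"]]
        entry["hosts"].add(f["host"])
        entry["vulns"] += 1
    rows = [(p, e["score"], len(e["hosts"]), e["vulns"]) for p, e in agg.items()]
    rows.sort(key=lambda r: (-r[1], r[0]))
    return rows


def vpr_band(vpr):
    """Map a VPR score to the dashboard's severity-style column header."""
    if vpr >= 9.0:
        return "Critical"
    if vpr >= 7.0:
        return "High"
    if vpr >= 4.0:
        return "Medium"
    if vpr >= 0.1:
        return "Low"
    return None  # no VPR assigned: counted in no VPR column


def age_rows(published, today):
    """Every age row a patch date satisfies; the rows overlap by design."""
    def quarter(d):
        return (d.year, (d.month - 1) // 3)
    cq = quarter(today)
    lq = (cq[0], cq[1] - 1) if cq[1] > 0 else (cq[0] - 1, 3)
    days = (today - published).days
    checks = (days < 30, quarter(published) == cq, quarter(published) == lq,
              published.year == today.year, published.year == today.year - 1,
              days > 365)
    return [row for row, hit in zip(AGE_ROWS, checks) if hit]


def age_matrix(findings, today):
    """Cells: number of findings per (age row, column)."""
    matrix = {row: dict.fromkeys(COLUMNS, 0) for row in AGE_ROWS}
    for f in findings:
        band = vpr_band(f["vpr"])
        for row in age_rows(f["patch_published"], today):
            if f["exploitable"]:
                matrix[row]["Exploitable"] += 1
            if band:
                matrix[row][band] += 1
    return matrix


if __name__ == "__main__":
    for row in remediation_summary(FINDINGS, SUPERSEDES):
        print("%-16s score=%3d hosts=%d vulns=%d" % row)
    for row, cells in age_matrix(FINDINGS, TODAY).items():
        print("%-16s %s" % (row, cells))
```

With the constructed data the March cumulative patch (KB-MAR) tops the table with a score of 90 because it also closes the two findings whose solutions it supersedes, which is the point of collapsing chains before scoring: counting each missing patch separately would have spread the same risk over three rows. The top patch must actually be the one that contains the others, so bad supersedence data (including a cycle, which the code refuses) produces a misleading table. In the age matrix the September patch appears in three rows at once, so the rows cannot be summed.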
science and technology Size matters in the battle to adapt to diverse environments and avoid extinction By media.utoronto.ca Published On :: Fri, 20 Feb 2015 15:12:22 +0000 TORONTO, ON — A new University of Toronto study may force scientists to rethink what is behind the mass extinction of amphibians occurring worldwide in the face of climate change, disease and habitat loss. The old cliché “size matters” is in fact the gist of the findings by graduate student Stephen De Lisle and […] Full Article Arts Science
science and technology Einstein proved right: LIGO, U of T astrophysicists detect gravitational waves - Discovery that confirms theory of relativity makes headlines around the world By media.utoronto.ca Published On :: Fri, 12 Feb 2016 12:56:32 +0000 Discovery that confirms theory of relativity makes headlines around the world “We see today that black holes exist in the universe and they do collide!” Associate Professor Harald Pfeiffer says (image courtesy NASA) For the first time, scientists have observed gravitational waves – ripples in the fabric of spacetime from a cataclysmic event in the […] Full Article Media Releases Science University of Toronto
science and technology University of Toronto physicists discover new laws governing the “developmental biology of materials” By media.utoronto.ca Published On :: Mon, 22 Feb 2016 18:47:38 +0000 Toronto, ON – When one atom first meets another, the precise nature of that interaction can determine much about what kinds of physical properties and behaviours will emerge. In a paper published today in Nature Physics, a team led by U of T physicist Joseph Thywissen reported their discovery of a new set of rules […] Full Article Media Releases Science University of Toronto
science and technology Toronto chemist wins prestigious Royal Society of Chemistry Prize - Professor R J Dwayne Miller is the Royal Society of Chemistry Centenary Prize winner for 2016. By media.utoronto.ca Published On :: Mon, 09 May 2016 14:42:30 +0000 Professor R J Dwayne Miller is the Royal Society of Chemistry Centenary Prize winner for 2016. Dwayne is Director of the Atomically Resolved Dynamics Department of the Max Planck Institute for the Structure and Dynamics of Matter (MPSD) in Hamburg, Germany, with a secondary appointment as Professor of Chemistry and Physics at the University of […] Full Article Media Releases Science
science and technology 1,400 students and teachers to participate in Canada’s largest STEM event for kids - University of Toronto Engineering, Google and Actua partner on Innovate U, a day-long STEM event for children in grades 3-8, featuring hands-on coding, circuitry and more By media.utoronto.ca Published On :: Thu, 12 May 2016 14:10:12 +0000 University of Toronto Engineering, Google and Actua partner on Innovate U, a day-long STEM event for children in grades 3–8, featuring hands-on coding, circuitry and more. Toronto, ON – More than 1,400 students from Grades 3–8 will descend on the University of Toronto on Friday, May 13 for Innovate U, a massive day of hands-on activities […] Full Article Engineering Media Releases New Media & Technology Science University of Toronto
science and technology University of Toronto’s Faculty of Applied Science & Engineering announces establishment of the Foundation CMG Research Chair in Fundamental Petroleum Rock Physics and Rock Mechanics By media.utoronto.ca Published On :: Thu, 02 Jun 2016 12:55:18 +0000 Toronto, ON – University of Toronto Professor Giovanni Grasselli, of the Department of Civil Engineering, has been named the inaugural holder of the Foundation CMG Industrial Research Chair in Fundamental Petroleum Rock Physics and Rock Mechanics. Professor Grasselli is joining 12 chairs at 12 universities, including Penn State and the University of Texas in Austin, […] Full Article Engineering Media Releases Science University of Toronto
science and technology University of Toronto-led research suggests some major changes to geology textbooks By media.utoronto.ca Published On :: Tue, 14 Jun 2016 14:49:15 +0000 Toronto, ON – Super-computer modelling of Earth’s crust and upper-mantle suggests that ancient geologic events may have left deep ‘scars’ that can come to life to play a role in earthquakes, mountain formation, and other ongoing processes on our planet. This changes the widespread view that only interactions at the boundaries between continent-sized tectonic plates […] Full Article Media Releases Science University of Toronto
science and technology New lizard found in Dominican Republic - Suggests similar evolution occurs on separate islands By media.utoronto.ca Published On :: Fri, 17 Jun 2016 16:23:31 +0000 Suggests similar evolution occurs on separate islands. Toronto, ON – A University of Toronto-led team has reported the discovery of a new lizard in the middle of the most-visited island in the Caribbean, strengthening a long-held theory that communities of lizards can evolve almost identically on separate islands. The chameleon-like lizard – a Greater Antillean […] Full Article Media Releases Science University of Toronto
science and technology Warm Jupiters not as Lonely as Expected By media.utoronto.ca Published On :: Thu, 14 Jul 2016 16:27:45 +0000 Toronto, ON – After analyzing four years of Kepler space telescope observations, astronomers from the University of Toronto have given us our clearest understanding yet of a class of exoplanets called “Warm Jupiters”, showing that many have unexpected planetary companions. The team’s analysis, published July 10th in the Astrophysical Journal, provides strong evidence of the existence […] Full Article Media Releases Science University of Toronto
science and technology X Marks the Spot at the Centre of the Milky Way Galaxy By media.utoronto.ca Published On :: Tue, 19 Jul 2016 17:02:17 +0000 Toronto, ON – Two astronomers — with the help of Twitter — have uncovered the strongest evidence yet that an enormous X‑shaped structure made of stars lies within the central bulge of the Milky Way Galaxy. Previous computer models, observations of other galaxies, and observations of our own galaxy have suggested that the X‑shaped structure existed. […] Full Article Media Releases Science University of Toronto
science and technology “Perfect storm” brought sea louse epidemic to BC salmon: University of Toronto study - Likely due to high temperatures and uncoordinated treatment By media.utoronto.ca Published On :: Wed, 20 Jul 2016 10:00:22 +0000 Likely due to high temperatures and uncoordinated treatment. Toronto, ON – High ocean temperatures and poor timing of parasite management likely led to an epidemic of sea lice in 2015 throughout salmon farms in British Columbia’s Queen Charlotte Strait, a University of Toronto-led study has found. The sea lice spread to migrating juvenile wild salmon, resulting in […] Full Article Media Releases Science University of Toronto
science and technology University of Toronto scientists solve puzzle of converting CO₂ emissions to fuel - Saving the planet from climate change with a grain of sand By media.utoronto.ca Published On :: Thu, 25 Aug 2016 16:12:05 +0000 Saving the planet from climate change with a grain of sand. Toronto, ON – Every year, humans advance climate change and global warming – and quite likely our own eventual extinction – by injecting about 30 billion tonnes of carbon dioxide (CO₂) into the atmosphere. A team of scientists from the University of Toronto (U of T) […] Full Article Media Releases Science University of Toronto
science and technology Students at University of Toronto receive Canada’s largest STEM scholarship - Universities announce their 2016 Schulich Leader Scholarship winners By media.utoronto.ca Published On :: Mon, 12 Sep 2016 14:21:49 +0000 Universities announce their 2016 Schulich Leader Scholarship winners Toronto, ON – Kevin Han, Jun Ran Xu, Haleema Khan and Sabrina Cruz have been named University of Toronto’s recipients of the prestigious Schulich Leader Scholarships. Created in 2011 by Canadian business leader and philanthropist Seymour Schulich, this annual scholarship program encourages promising high school graduates to embrace […] Full Article Awards Engineering Media Releases New Media & Technology Science Social Sciences & Humanities University of Toronto
science and technology Government of Japan establishes its first-in-Canada chair and centre in Japan studies at the University of Toronto By media.utoronto.ca Published On :: Thu, 30 Mar 2017 18:37:07 +0000 Toronto, ON – At the Japan-Canada Summit Meeting in May 2016, Japanese Prime Minister Shinzo Abe noted that Japan wished to support Japanese studies at Canadian universities in order to promote mutual understanding between the two countries. Today, based upon this commitment, the Government of Japan is conferring US$5 million on the University of Toronto to […] Full Article Media Releases Munk School of Global Affairs Science University of Toronto
science and technology Paleontologists trace origin of millipedes, crabs and insects to new 508 million-year-old sea creature with “can opener”-like pincers By media.utoronto.ca Published On :: Wed, 26 Apr 2017 16:11:22 +0000 Toronto, ON – Paleontologists at the University of Toronto (U of T) and the Royal Ontario Museum (ROM) have uncovered a new fossil species that sheds light on the origin of mandibulates, the most abundant and diverse group of organisms on Earth, to which belong familiar animals such as flies, ants, crayfish and centipedes. The […] Full Article Media Releases Science University of Toronto
science and technology University of Toronto astrophysicists convert moons and rings of Saturn into music - Compositions provide a soundtrack for the Cassini probe’s final plunge into planet By media.utoronto.ca Published On :: Wed, 30 Aug 2017 14:19:18 +0000 Compositions provide a soundtrack for the Cassini probe’s final plunge into planet Toronto, ON – After centuries of looking with awe and wonder at the beauty of Saturn and its rings, we can now listen to them, thanks to the efforts of astrophysicists at the University of Toronto (U of T). “To celebrate the Grand Finale of […] Full Article Media Releases Science
science and technology Billions-year-old sparkling water may hold clues for life on Earth and Mars - NOTE: Video and images at uoft.me/sparkling By media.utoronto.ca Published On :: Wed, 15 May 2013 19:04:18 +0000 NOTE: Video and images at uoft.me/sparkling TORONTO – A team of scientists from the University of Toronto and Manchester University in the United Kingdom have gone three kilometres beneath the surface of the Canadian Shield to find some of the oldest fluids in our planet’s history. The waters are rich in clues about lives lived without […] Full Article Environment & Natural Resources Media Releases
science and technology Self-fertilizing plants contribute to their own demise By media.utoronto.ca Published On :: Wed, 12 Jun 2013 18:49:32 +0000 TORONTO, ON – Many plants are self-fertilizing, meaning they act as both mother and father to their own seeds. This strategy – known as selfing – guarantees reproduction but, over time, leads to reduced diversity and the accumulation of harmful mutations. A new study published in the scientific journal Nature Genetics shows that these negative […] Full Article Arts Environment & Natural Resources Forestry Science
science and technology University of Toronto to proceed with back campus fields project By media.utoronto.ca Published On :: Wed, 12 Jun 2013 21:08:36 +0000 TORONTO, ON – The University of Toronto is very pleased that Toronto city councillors re-affirmed the city’s commitment to renewed fields on the university’s historic back campus. City council voted in favour of the University’s plan to proceed with the project, which will involve creating two artificial turf fields. The fields will provide a venue […] Full Article Environment & Natural Resources Media Releases University of Toronto
science and technology Overfishing of sharks is harming coral reefs By media.utoronto.ca Published On :: Thu, 19 Sep 2013 18:59:26 +0000 TORONTO, ON — A team of scientists from Canada and Australia have discovered that the decline in shark populations is detrimental to coral reefs. “Where shark numbers are reduced due to commercial fishing, there is also a decrease in the herbivorous fishes which play a key role in promoting reef health,” said Jonathan Ruppert, a […] Full Article Environment & Natural Resources Science Social Sciences & Humanities
science and technology Environmental Science experts to teach and train in environmentally-friendly, sustainable building By media.utoronto.ca Published On :: Thu, 10 Oct 2013 14:20:04 +0000 TORONTO, ON — The University of Toronto Scarborough broke ground today (Oct. 8) on the technologically advanced Environmental Science and Chemistry Building (ESCB). Since the new building will be home to environmental sciences, UTSC is walking the talk: targeting LEED Gold certification with sustainable features that include geothermal boreholes, an Earth Tube system to supply 100 […] Full Article Environment & Natural Resources Media Releases Science University of Toronto Scarborough
science and technology New long-lived greenhouse gas discovered by University of Toronto chemistry team - Chemical appears to have highest global-warming impact of any compound to date By media.utoronto.ca Published On :: Mon, 09 Dec 2013 17:18:21 +0000 Chemical appears to have highest global-warming impact of any compound to date TORONTO, ON – Scientists from U of T’s Department of Chemistry have discovered a novel chemical lurking in the atmosphere that appears to be a long-lived greenhouse gas (LLGHG). The chemical – perfluorotributylamine (PFTBA) – is the most radiatively efficient chemical found to date, […] Full Article Arts Environment & Natural Resources Science University of Toronto
science and technology Antarctic neutrino-hunting project IceCube named Breakthrough of the Year by Physics World - University of Toronto among extensive list of global collaborators By media.utoronto.ca Published On :: Fri, 13 Dec 2013 16:53:13 +0000 University of Toronto among extensive list of global collaborators TORONTO, ON – International high-energy physics research project IceCube has been named the 2013 Breakthrough of the Year by British magazine Physics World. The Antarctic observatory has been selected for making the first observation of cosmic neutrinos, but also for overcoming the many challenges of creating and […] Full Article Arts Engineering Environment & Natural Resources Media Releases New Media & Technology Science