"Raised from a kitten by a kindly old ninja master, Claude now spends his days as the pampered house cat of an eleven-year-old boy. But when trouble arises, Claude dons his mask and springs into action as Cat Ninja— Metro City's secret protector." -- Provided by publisher

"When Amelia Earhart became the first woman to make a solo flight across the Atlantic Ocean in 1932, she immediately became an American icon and a subject of endless fascination for generations to come. In Amelia Earhart: Pioneer of the Sky!, the story of the bold and daring aviator's life is presented in graphic novel format, with full-color illustrations and historically accurate details. From her hardscrabble childhood to her final flight— and mysterious disappearance— Earhart's journey will entertain, captivate, and inspire readers of all ages." -- Provided by publisher

"A graphic biography of civil rights leader and American icon Martin Luther King Jr. This graphical biography tells the story of the most prominent leader of the American civil rights movement. With full-color illustrations and a historically accurate narrative, Martin Luther King Jr.: Voice for Equality! will inform and entertain readers of all ages. From his childhood in Atlanta to his rise as an international icon of human rights and a fiery orator who refused to back down in the face of adversity, King's life story serves as an ongoing source of inspiration." -- Provided by publisher.

This document is only available in PDF format.

This document is available as PDF only. The following links go to sections in the PDF. 

IntroductionThe members of the Canadian Securities Administrators (the CSA or we) are publishing for comment proposed amendments to National Instrument 94-101 Mandatory Central Counterparty Clearing of Derivatives (National Instrument 94

This document is only available in PDF format.

Growing consensus in the scientific community indicates that higher temperatures and changing precipitation levels resulting from climate change will depress crop yields in many countries over the coming decades. This is particularly true in low-income countries, where adaptive capacity is low. Many African countries are particularly vulnerable to climate change because their economies largely depend on climate-sensitive agricultural production.

"Ethiopia's agricultural sector, which is dominated by smallscale, mixed-crop, and livestock farming, is the mainstay of the country's economy. It constitutes more than half of the country's gross domestic product, generates more than 85 percent of foreign exchange earnings, and employs about 80 percent of the population. Unfortunately, Ethiopia's dependence on agriculture makes the country particularly vulnerable to the adverse impactsof climate change on crop and livestock production.

Agricultural production remains the main source of livelihood for rural communities in Sub-Saharan Africa, providing employment to more than 60 percent of the population and contributing about 30 percent of gross domestic product. With likely long-term changes in rainfall patterns and shifting temperature zones, climate change is expected to significantly affect agricultural production, which could be detrimental to the region’s food security and economic growth.

Numerous studies indicate that agricultural production is sensitive to climate variability, and lack of infrastructure in developing countries increases vulnerability to extreme climate events. In Ethiopia, the historical climate record indicates frequent droughts and floods, which can devastate agricultural production and existing infrastructure. Too much precipitation can flood crops, rot or suffocate roots, and wash out roads, creating similar economic conditions to those resulting from drought.

Ethiopia possesses abundant water resources and hydropower potential, yet less than 5 percent of irrigable land in the Blue Nile basin has been developed for food production, and more than 80 percent of Ethiopians lack access to electricity. Consequently, the Ethiopian government is pursuing plans to develop hydropower and irrigation along the Blue Nile River in an effort to tap into this underused potential.

Ethiopia’s agricultural sector, which is dominated by smallscale, mixed crop, and livestock farming, is the mainstay of the country’s economy. It constitutes more than half the nation’s gross domestic product (GDP), generates more than 85 percent of the foreign exchange earnings, and employs about 80 percent of the population. Ethiopia’s dependence on agriculture makes the country particularly vulnerable to the adverse impacts of climate change on crop and livestock production.

Mechanization service providers in Myanmar were originally interviewed by telephone in early May 2020 in order to determine how their businesses were being affected by COVID-19 related restrictions. The results of that survey were published in Myanmar Strategy Support Program Policy Note 07. To trace the continuing impact of the COVID-19 pandemic on their economic activities, a second phone survey of mechanization service providers was done in mid-June 2020. This Policy Note reports on the results of this second survey.

Tenable®, the exposure management company, today announced new risk prioritization and compliance features for Tenable Nessus, the #1 vulnerability assessment solution in accuracy, coverage and adoption. Nessus supports new and updated vulnerability scoring systems – Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4 – to help customers implement more effective prioritization for risk reduction and maintain compliance.

Due to evolving threats and expanding attack surfaces, organizations rely on multiple risk scoring systems, which are not effective risk qualifiers on their own to determine criticality. With Tenable Nessus, customers can take advantage of the latest industry-adopted vulnerability scoring systems – EPSS and CVSS v4 – and Tenable Vulnerability Priority Rating (VPR) to identify and take action on the vulnerabilities that pose the greatest risk specific to their environment. Leveraging an advanced data science algorithm developed by Tenable Research, Tenable VPR combines and analyzes Tenable proprietary vulnerability data, third-party vulnerability data and threat data to effectively and efficiently measure risk.

“EPSS and CVSS are single variables in the risk equation – context around exposures delivers a deeper level of understanding around true risk,” said Shai Morag, chief product officer, Tenable. “Recent Tenable Research found that only 3% of vulnerabilities most frequently result in impactful exposure. We’ve optimized Nessus to meet the evolving needs of our customers, empowering informed vulnerability prioritization strategies to address these critical few.”

Key features in this release include:

• EPSS and CVSS v4 Support enables users to see and filter plugins by EPSS and CVSS v4 score, further informing prioritization strategy. This feature enables security teams to remain compliant with organizational policies that require the use of EPSS or CVSS as the primary scoring system.
• Nessus Offline Mode addresses challenges with conducting vulnerability scans offline in air-gapped environments. Building upon existing offline scanning capabilities, Nessus runs critical services only, removing unwanted traffic generated by functions that rely on an active internet connection, thereby ensuring the security of sensitive data within a secure environment.
• Declarative Agent Versioning On-Prem enables users to create and manage agent profiles in Nessus Manager for Tenable Security Center. Users can specify a product version for an agent deployed in an environment, thereby reducing disruptions in day-to-day operations and enabling users to adhere to enterprise change control policies.

Learn more about vulnerability and risk scoring by checking out the Inaugural Study of EPSS Data and Performance developed by Cyentia Institute and the Forum of Incident Response and Security Teams (FIRST).

Join the upcoming Tenable webinar titled, From Data to Defense: Harnessing Predictive Scoring to Strengthen Your Cybersecurityon September 12, 2024 at 2:00 pm ET, by registering here.

Tenable Nessus is available as a standalone product and is included in Tenable Security Center and Tenable Vulnerability Management. More information on Tenable Nessus is available at: https://www.tenable.com/products/nessus

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com.

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced the availability of Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads with risk assessment and contextual insight so organizations can identify exposures before they cause damage.

Federal agencies face unique security and compliance regulations when deploying cloud solutions, and Tenable Enclave Security is key to supporting public sector customers, as well as commercial organizations with strict data residency, security or privacy requirements. 

Built to support the strictest security requirements, including FedRAMP High and Impact Level 5, Tenable Enclave Security empowers agencies to know, expose and close IT and container exposures from a single, highly secure platform. This consolidated approach also eliminates tool sprawl, reduces costs and boosts efficiency for public sector organizations.

“As a leader in vulnerability management and cloud security and a longtime partner of governments all around the world, we’re perfectly positioned to tap into our expertise and deliver mission critical capabilities to assist government agencies as they transform their IT strategy and safely embrace modern workloads to speed innovation,” said Robert Huber, chief security officer and president, Tenable Public Sector, Tenable. “With Tenable Enclave Security, agencies are now able to gain a fuller understanding of their exposure and risk with the ability to continuously discover, assess and prioritize vulnerabilities across IT assets and container images, all from a single, highly secure framework.”

Tenable Enclave Security will immediately enable organizations to: 

• Meet cloud security and data residency restrictions: Tenable Enclave Security enables customers to meet stringent cloud security and data residency requirements, such as FedRAMP High or Impact Level 5. It can meet customers’ needs wherever they reside, with the ability to be deployed on-prem, in a virtual private cloud or commercial cloud.
• Secure containers before they hit production: As agencies modernize their infrastructure, containers create a more efficient manner to create applications and modernize existing ones. Tenable Enclave Security empowers organizations to quickly assess the risk in their container images, expose their vulnerabilities and understand the breadth of impact.
• Centralize security tools: Unlike siloed solutions with fragmented visibility, Tenable Enclave Security provides protection for IT assets and modern workloads from a single deployment architecture. 

For more information on Tenable Enclave Security, please visit: https://www.tenable.com/products/enclave-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced that it has been ranked first for 2023 worldwide market share for device vulnerability management in the IDC Worldwide Device Vulnerability Management Market Shares (doc #US51417424, July 2024) report. This is the sixth consecutive year Tenable has been ranked first for market share.

According to the IDC market share report, Tenable is ranked first in global 2023 market share and revenue. Tenable credits its success to its strategic approach to risk management, which includes a suite of industry-leading exposure management solutions that expose and close security gaps, safeguarding business value, reputation and trust. The Tenable One Exposure Management Platform, the world’s only AI-powered exposure management platform, radically unifies security visibility, insight and action across the modern attack surface – IT, cloud, OT and IoT, web apps and identity systems.

According to the IDC market share report, “The top 3 device vulnerability management vendors remained the same in 2023 as previous years, with Tenable once again being the top vendor.”

The report highlighted Tenable’s use of generative AI, noting, “ExposureAI, available as part of the Tenable One platform, provides GenAI-based capabilities that include natural language search queries, attack path and asset exposure summaries, mitigation guidance suggestions, and a bot assistant to ask specific questions about attack path results.”

Tenable’s latest innovations in the vulnerability management market – Vulnerability Intelligence and Exposure Response – were also highlighted in the report, stating, “Vulnerability Intelligence provides dynamic vulnerability information collected from multiple data sources and vetted by Tenable researchers, while Exposure Response enables security teams to create campaigns based on risk posture trends so remediation progress can be monitored internally.”

The report also spotlighted the Tenable Assure Partner Program and MDR partnerships, noting, “Tenable has made more of a strategic effort to recruit managed security service providers (SPs) and improve the onboarding experience for them, as well as their customers. Managed detection and response (MDR) providers have been adding proactive exposure management because it helps shrink the customer attack surface, helping them provide better outcomes. Sophos and Coalfire are recently announced partners adding managed exposure management services to their MDR and pen testing services, respectively.”

“At Tenable, we build products for a cloud-first, platform centric world, meeting customers' evolving risk management needs,” said Shai Morag, chief product officer, Tenable. “We leverage cutting edge technology, innovating across our portfolio to help customers know, expose and close priority security gaps that put businesses at risk.” 

"The device vulnerability management market is characterized by a focus on broader exposure management, with a number of acquisitions to round out exposure management portfolios," said Michelle Abraham, senior research director, Security and Trust at IDC. "Vendors are advised to enhance their offerings with additional security signals and automated remediation workflows to stay competitive in this evolving landscape."

To read an excerpt of the IDC market share report, visit https://www.tenable.com/analyst-research/idc-worldwide-device-vulnerability-management-market-share-report-2023 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced new data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security, the actionable cloud security solution. By extending exposure management capabilities to cloud data and AI resources, Tenable Cloud Security reduces risk to two of the biggest emerging threats.

Today’s cloud environments are more complex than ever. The challenge of managing this complexity has led to preventable security gaps caused by misconfigurations, risky entitlements and vulnerabilities, leaving sensitive data and AI resources vulnerable. In fact, Tenable Research found that 38% of organizations are battling a toxic cloud trilogy – cloud workloads that are publicly exposed, critically vulnerable and highly privileged. 

Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments, including vulnerabilities, misconfigurations and excess privilege, that affects data and AI resources. Integrating DSPM and AI-SPM into Tenable Cloud Security enables users to automatically discover, classify and analyze sensitive data risk with flexible, agentless scanning. With Tenable Cloud Security’s intuitive user interface, security leaders can easily answer tough questions – such as “What type of data do I have in the cloud and where is it located?,” “What AI resources are vulnerable and how do I remediate the issue?” and “Who has access to my sensitive cloud and AI data?”

“Data is constantly on the move and new uses for data in today’s AI-driven world have created new risks,” said Liat Hayun, vice president of product management for Tenable Cloud Security. “DSPM and AI-SPM capabilities from Tenable Cloud Security bring context into complex risk relationships, so teams can prioritize threats based on the data involved. This gives customers the confidence to unlock the full potential of their data without compromising security.”

“The importance of cloud data has made communicating data exposure risk one of the biggest security challenges for CISOs,” said Philip Bues, senior research manager, Cloud Security at IDC. “Tenable is at the forefront of this emerging DSPM-CNAPP conversation, enabling customers to contextualize and prioritize data risk and communicate it, which is pertinent to almost every domain in CNAPP.”

AI-SPM features enable customers to confidently forge ahead with AI adoption by enforcing AI and machine learning configuration best practices and securing training data. With the combined power of AI-SPM and Tenable Cloud Security’s market-leading cloud infrastructure entitlement management (CIEM) and Cloud Workload Protection (CWP) capabilities, customers can manage AI entitlements, reduce exposure risk of AI resources, and safeguard critical AI and machine learning training data to ensure data integrity. 

Available to all Tenable Cloud Security and Tenable One customers, these new features enable customers to:

• Gain complete visibility and understanding of cloud and AI data - Tenable Cloud Security continuously monitors multi-cloud environments to discover and classify data types, assign sensitivity levels and prioritize data risk findings in the context of the entire cloud attack surface. 
• Effectively prioritize and remediate cloud risk - Backed by vulnerability intelligence from Tenable Research, context-driven analytics provides security teams with prioritized and actionable remediation guidance to remediate the most threatening cloud exposures.
• Proactively identify cloud and AI data exposure - Unique identity and access insights enable security teams to reduce data exposure in multi-cloud environments and AI resources by monitoring how data is being accessed and used and detect anomalous activity. 

Join the upcoming Tenable webinar, “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” on October 22, 2024 at 10 am BST and 11 am ET, by registering here. 

Read today’s blog post, “Harden your cloud security posture by protecting your cloud data and AI resources” here. 

With a Net Promoter Score of 73, Tenable Cloud Security helps customers around the world expose and close priority threats. More information about DSPM and AI-SPM capabilities available in Tenable Cloud Security is available at: https://www.tenable.com/announcements/dspm-ai-spm

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Often hailed as the heir apparent to Wallace Stegner, Ivan Doig is among the finest chroniclers of the contemporary American West. In Mountain Time, Lexa McCaskell and Mitch Rozier leave their Seattle home to visit Mitch's dying father in Montana. There Mitch clashes with both Lexa and his father as events from the past are explored and difficult memories resurface. "Mountain Time will not dissuade those who rank Doig among the best living American writers."-San Francisco Chronicle

In this groundbreaking book, authors Russell Friedman and John W. James show listeners how to move on from their unsuccessful past relationships and finally find the love of their lives. Demonstrating revolutionary ideas that have worked for thousands of their clients at the Grief Recovery Institute, Friedman and James give listeners the strategies they need to effectively mourn the loss of the relationship, while opening themselves up to love in the future. With compassionate guidance, Friedman and James help listeners to close a chapter of their romantic past so that they can be ready to begin again.

Two-time Spur Award nominee Cameron Judd spins Westerns that lasso listeners' attention. In this inspiring story of self-sacrifice, menacing dangers spur 17-year-old Pennington Malone to grow up quickly. With his father in Leavenworth Prison, Penn travels to Dodge City packing his dad's loaded sixgun. He soon meets Jonah Littlejohn, a lanky man gifted with incredible strength and boxing prowess-and haunted by painful secrets. But when Penn learns that three shadowy riders are trailing him-and framing him for murders they commited-he needs all the help he can get.

Named one of Granta's Best Young British Novelists, Esther Freud made her debut with the much-buzzed-about Hideous Kinky and has since delivered one brilliant novel after the next. Set in 1914 along the Suffolk coast, Mr. Mac and Me is the story of Thomas Maggs, whose quiet life is shaken first by the appearance of the decidedly curious Mr. Mac and then by the ravages of World War I.

El Museo Van Gogh celebra 150 años de Impresionismo en «¡Vive l’impressionnisme!» Del 11 de...

El Met inaugura la primera gran exposición en EE.UU. centrada en la pintura antigua sienesa...

Patricia writes to Kevin about some of the the experiences that they shared from her perspective.

Keith Attle 700258 : Addie May was in many ways before her time. She was strong willed, not afraid to speak her mind, and could distinguish between right and wrong with good common sense. For her, there was no middle ground. This became evident at a very early age as she was born with two strikes against her. First, one leg was shorter than the other, which caused her to limp all of her life and subjecting her to be ridiculed as a child. Secondly, she was left-handed. Today this is not an issue, but for thousands of years, this attribute was associated with witchcraft and devil possession. Addie May's mother tried everything she could to change her but to no avail. Even a sore and blistered hand and punishment by her first-grade teacher did not dissuade her. Her formal education finished at eighth grade, yet she became a court deputy, a bookkeeper for her husband's hugely successful business, a practical nurse, mother, and grandmother. It was the later when I came to know her. Death was a frequent visitor throughout her life. Somehow she was able to mask her inner emotions while smiling and comforting others facing pain, distress, and death. She was a decent, honorable, and compassionate human being who never thought of herself as anything special. This book is a tribute to a woman who never received the recognition she deserved. It is my desire to correct this. It's unfortunate she will never know.

At the turn of the 20th century, Jewish families scattered by migration could stay in touch only through letters. Jews in the Russian Empire and America wrote business letters, romantic letters, and emotionally intense family letters. But for many Jews who were unaccustomed to communicating their public and private thoughts in writing, correspondence was a challenge. How could they make sure their spelling was correct and they were organizing their thoughts properly? A popular solution was to consult brivnshtelers, Yiddish-language books of model letters. Dear Mendl, Dear Reyzl translates selections from these model-letter books and includes essays and annotations that illuminate their role as guides to a past culture.

L’investissement dans les agriculteurs, c’est-à-dire le capital humain de l’agriculture, est crucial pour relever les défis que posent nos systèmes agroalimentaires.

Le changement climatique constitue une menace croissante pour nos systèmes alimentaires, dont les implications sont graves pour la sécurité alimentaire et nutritionnelle, les moyens de subsistance et le bien-être général, en particulier pour les personnes pauvres et vulnérables du monde entier. Une action urgente contre le changement climatique est attendue à l’échelle mondiale – à la fois pour réaliser les importantes réductions d’émissions requises pour limiter le réchauffement climatique et pour accroître les capacités d’adaptation et la résilience.

En 2022, le monde a subi des crises multiples. Les perturbations des systèmes alimentaires dues à la longue pandémie de COVID-19, des catastrophes naturelles majeures, des troubles civils, l’instabilité politique et les impacts croissants du changement climatique ont persisté, tandis qe l’inflation et la guerre entre la Russie et l’Ukraine ont exacerbé la crise alimentaire mondiale et la crise des engrais.

Créée notamment pour promouvoir le commerce intra-régional de biens dans la région, la Communauté économique des États d'Afrique de l'Ouest devait aussi permettre d'y réduire l'insécurité alimentaire. Mais les « points de sécurité », dressés le long des corridors de commerce par les autorités administratives qui prélèvent des pots-de-vin, sont venus limiter cette ambition. S’élevant jusqu’à 576 dollars aux 100 kms au Togo en 2017, cette corruption se mesure aussi en temps perdu, avec plus de trois heures aux 100 kms.

Depuis la pandémie de COVID-19 et plus récemment la crise russo-ukrainienne, la problématique de construire des systèmes alimentaires résilients et durables est devenue une urgence pour la plupart des pays d’Afrique au Sud du Sahara (ASS) dont le Sénégal. Très récemment, le Gouvernement du Sénégal à travers le Ministère de l’Agriculture de l’Équipement Rural et de la Souveraineté Alimentaire (MAERSA) a validé le Programme Alimentaire pour la Souveraineté Alimentaire Durable (PASAD 2021-2025).

Van Gogh Museum celebrates 150 years of Impressionism in “Vive l’impressionnisme!” From 11 October 2024...

The Met presents the first major exhibition in the US focusing on early Sienese painting...

One of the common questions often asked of the IT team is “how many systems are missing patches and how many patches are missing on each system?”  This dashboard uses the “Patch Report” plugin and organizes the current patch status for systems scanned with credentials.  The IT team can now easily communicate the specific systems with missing patches to executives.

The Nessus "Patch Report" plugin (66334) elegantly summarizes all of the missing patches and general remediation actions required to remediate the discovered vulnerabilities on a given host. Instead of counting the number of vulnerabilities, the plugin lists applications that need to be upgraded. The approach is not only much easier for IT administrators to consume, but the count of applications provides a measure of how much "work" is required to secure a system.

The dashboard provides risk guidance using the “Remediation Summary” tool.  This tool works by employing a concept called “top patch”.  Tenable Security Center uses proprietary technology to identify a chain of patches.  The first patch in the chain is called the “top patch”.  If the “top patch” is applied, all subsequent vulnerabilities will also be remediated at the same time.  Using both the Remediation Summary tool and “Patch Report” plugin, the organization can better plan remediation efforts.   

The dashboard and its components are available in the Tenable Security Center Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets.  The dashboard can be easily located in the Tenable Security Center Feed under the category Executive. The dashboard requirements are:

• Tenable Security Center
• Nessus
• This dashboard requires “Full Text Search” to be enabled for each analyzed repository.

Please note the "Full Text Search" option must be enabled for the repository to support the trending component.

Tenable Security Center has the ability to identify all discoverable vulnerabilities, eliminating blind spots. Tenable detects missing patches, incorrect configurations, lapsed defenses, incomplete monitoring and network intruders—so you can mitigate them.  Tenable Security Center can show risk across all systems, enabling informed decisions.  Tenable’s approach to continuous monitoring reaches across cloud, virtual, mobile and traditional systems and measures attack vectors in each of these domains.  Tenable Security Center provides a unique combination of detection, reporting, and pattern recognition utilizing industry recognized algorithms and models.  By providing that single point of data collection, Tenable.sc enables sharing of vulnerability scanning results across the technical groups and business owners. Tenable.sc is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits.

Components

Remediations Tracking - Top 25 Remediations: This component provides the top 25 remediation actions that can be taken to reduce overall risk.  The table is sorted using vulnerability weight scores, which are calculated differently for each organization.  To determine score weights, login with the admin account, edit your organization and then select “Analysis”.  In the upper right hand corner, there are four scores, one for each severity level. The default scores are: critical = 40, high = 10, medium = 3 and low = 1. The vulnerability weight helps to determine a fully calculated score used in risk analysis.

The Outstanding Remediations - Time Since Patch Publication (Assets) matrix displays the total count of missing patches across the environment. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR scores are displayed as column headers in traditional severity text.  Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9. Each row filters the vulnerabilities based on the patch publication date of less than 30 days ago, Current Quarter, Last Quarter, Current Year, Last Year, and greater than 365 Days.

The End of Life Software Detection table displays a list of software that is no longer supported by the vendor. The table is sorted by the count column, which lists a count of the total number of assets affected by the unsupported software package. The filter used is for Plugin Name equals Unsupported. Tenable recommends that assets found here be upgraded to a higher supported version as soon as possible, since vendors no longer list active vulnerabilities for end-of-life software.

The Outstanding Remediations by Device Type (Vulnerabilities) matrix displays the total count of missing patches by device type. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR scores are displayed as column headers in traditional severity text.  Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9.  There is a row present which groups devices by type, such as Linux, Windows, or macOS devices. Counts present in each cell represents the number of vulnerabilities present for the device group and VPR score.