Crowd

Understanding Exploitability

Build Something That Matters

At Tenable, we’re all about innovation, creativity and purpose, with a passion for designing solutions that are transforming security – and making a difference in people’s lives. Cybersecurity is one of the world’s fastest growing fields, and our fresh ideas and trusted solutions are revolutionizing the industry. We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.

 

Learn more about working with us

Click here

We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.

Tenable.io Advanced Filters

Vulnerability exploits have been in headlines around the world in recent months for being a leading source of cyber risk. As a result, your organization’s leadership may have started  to ask whether your network is vulnerable to exploitation. The answer to that question often lies in the relationship between vulnerability and exploitability. All exploitable vulnerabilities are, of course, vulnerabilities. But when a vulnerability isn’t “exploitable,” what does that mean? The most accurate answer would be that an exploitation hasn’t been discovered yet, but the vulnerability still has the potential to be exploited. In Tenable.io™, nine unique advanced filters allow you to isolate the vulnerabilities or assets in your network that may be vulnerable to a particular type of exploit, providing you increased visibility into your organization’s Cyber Exposure.

Exploits

The term exploit is commonly used to describe software that has been developed to attack a computer system or asset by taking advantage of a vulnerability. The objective of many exploits is to gain control of an asset.

For example, a successful exploit of a database vulnerability can provide an attacker with the means to collect or exfiltrate all the records from that database, resulting in a data breach. Exploits are also developed to attack a vulnerability in order to gain remote administrative privileges on a host. With Tenable.io, you can identify which hosts in your network have exploitable vulnerabilities by setting the Exploit Available advanced filter to true, allowing you to prioritize remediation efforts accordingly.

Exploit Available Filter

Exploit Frameworks

Security researchers know that to truly test and understand the nature of exploiting a vulnerability, an exploit framework is needed. An exploit framework is an abstraction in which the foundation of the software provides the generic functionality, and users can write code modules to perform specific tasks. For example, the developers of Metasploit, Core Impact and several others created exploit frameworks to leverage common attack techniques and delivery methods, while the users create the actual exploits. These exploit frameworks can be used by inexperienced attackers to create an attack that may look sophisticated because most of the difficult work has been created by the framework.

Once you understand how to leverage the exploit framework to exploit a buffer overflow vulnerability, replicating the attack seems trivial. The industry is seeing a rise in malware code that appears to have been developed using the various exploit frameworks as they become more popular. Tenable.io enables you to search for the presence of vulnerabilities in your network that could be exploited by specific exploit frameworks. The relevant advanced filters include the CANVAS, CORE, Elliot, and Metasploit Exploit Framework filters. The Elliot Exploit Name filter allows you to apply more specificity to find vulnerabilities exploited by a specific Elliot exploit, such as any of the ones on the D2 Security Elliot Exploits page. Each of these filters can be set to true to identify vulnerabilities known to be exploited by the specific framework.

Tenable.io Exploit Frameworks Filter

Similarly to the databases maintained by well-known frameworks like Elliot, you can filter for vulnerabilities that are exploitable by exploits documented by the Exploit Database or ExploitHub websites. Some vulnerabilities may be exploitable by exploits compatible with multiple frameworks or documented in multiple databases. You can also filter for vulnerabilities that were exploited by Nessus during the process of identification. Some Nessus plugins actually perform a benign exploit when certain vulnerabilities are suspected in order to confirm the presence and exploitability of those vulnerabilities. Setting the Exploited by Nessus advanced filter to true will give you a list of vulnerabilities that Nessus was able to exploit.

Tenable.io Exploited by Nessus Filter

The last advanced filter related to exploitability is the Exploitability Ease filter. This filter provides three options:

  • Exploits are available
  • No known exploits are available
  • No exploit is required

The first two options check whether known exploits are available for the vulnerabilities in the network. The last option, “No exploit is required,” filters out vulnerabilities that do not require any tool, script or malware to be run in order for the vulnerability to be exploited. For example, the HTTP TRACE / TRACK Methods Allowed plugin (ID 11213) points out an HTTP method that is inherently vulnerable due to the information that could be gleaned by attackers from TRACE and TRACK traffic without the use of an exploit.

Tenable.io Exploitability Ease Filter

The Tenable.io solution

Tenable.io can easily identify assets that are more vulnerable and exploitable than others, allowing you to better manage, measure and reduce your organization’s cyber risk.

Regardless of your approach to reducing sources of cyber risk identified by Tenable.io – whether it’s applying patches, configuring mitigation controls or hardening operating systems – the first step is to clearly qualify the risks into actionable tasks and deliverables. Tenable.io provides information security professionals with the tools and resources needed to perform a detailed qualitative analysis of the risk that threatens business assets. Armed with Tenable.io, you’ll be prepared to provide an accurate assessment of your organization's Cyber Exposure.

Try Tenable.io

Tenable.io provides accurate information on how well your organization is addressing security risks and reducing its Cyber Exposure. Start with a free trial of Tenable.io Vulnerability Management for 60 days.

Read more >

Published on Aug 28, 2017

People like you also viewed

Enterprise Sales Engineer - Sydney

Sydney Sydney Australia Sydney, Australia Sales Sales
Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cyber exposure platform for modern assets, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thin...

Public Relations Intern

Columbia Maryland United States Columbia, Maryland, United States New College Graduates & Internships Internships
Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cloud-based platform, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thinkers who are wired fo...

Technical Support Intern

Columbia Maryland United States Columbia, Maryland, United States Technical Support Internships
Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cyber exposure platform for modern assets, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thin...

Graphic Design Intern

Columbia Maryland United States Columbia, Maryland, United States Marketing Internships
Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cyber exposure platform for modern assets, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thin...

Sales Operations Analyst Intern

Columbia Maryland United States Columbia, Maryland, United States Sales Operations Internships
Can you join Team Tenable? Yes you can - if you’re excited by the thought of working with over 700 colleagues, 20,000 customers and a range of revolutionary products that are shaping cybersecurity in 150 countries. Being valued for who you are as ...

Software Engineering Intern

Columbia Maryland United States Columbia, Maryland, United States New College Graduates & Internships Internships
Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cyber exposure platform for modern assets, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thin...
Diagram, Drawing, Text

More Team Stories