Assessing Your Heartbleed (Identify and Report on Vulnerable and Potentially Vulnerable Assets)

Document created by zeroorone Employee on Apr 11, 2014Last modified by zeroorone Employee on Apr 16, 2014
Version 8Show Document
  • View in full screen mode

As you should no doubt already know, Heartbleed hit the cyber-world like a hurricane last week. After releasing coverage for Heartbleed in Nexpose, you now can scan to see which assets and services in your environment may be at risk. Two new report templates have been developed so you can easily report on the assets that are affected (including the vulnerable ports) and assess your surface area of exposure to the issue.

 

Affected Systems Only

The affected systems only template shows the assets that have been confirmed as being vulnerable to the Heartbleed vulnerability after a recent scan. For each asset, all vulnerable services/ports will be displayed.

 

Here's an example of the report template:

heartbleed.png

 

Affected and Potential Systems

The report has two main sections. The first section shows all assets known to be vulnerable to the Heartbleed vulnerability (same as the template above). The second section shows any assets running OpenSSL (not necessarily just the vulnerable OpenSSL versions). These assets are of interest as they may be potentially vulnerable. So if you are looking to narrow down your vulnerability scans, these assets are a good place to start. The assets are grouped by the version of OpenSSL that has been detected.

 

Here's an example of the report template:

heartbleed-with-potentials.png

 

Download either of the attached files and upload into your Nexpose system to start analyzing your assets, and stop the heart from bleeding any more.

1 person found this helpful

Outcomes