Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

RBI: Inventory Management

by David Schwalenberg
May 16, 2017

RBI Inventory Management Dashboard Screenshot

Managing inventory and monitoring changes are necessary tasks for securing a network. Without proper management, transient assets such as laptops, mobile phones and virtualized systems could be missed. Unauthorized software and rogue devices could be allowed to infiltrate the network, bringing new vulnerabilities and increasing the risk of dangerous network attacks and compromise of sensitive data. The financial industry is highly targeted by cyber attacks, emphasizing the urgent need for robust cyber security and increased network resilience.

In 2016, due to the increasing use of information technology by banks and their customers, and the increase in cyber attacks against the financial sector, the Reserve Bank of India (RBI) provided guidelines in the area of cyber security to banks. The guidelines document, Cyber Security Framework in Banks, includes an Annex detailing minimum baseline requirements for network security and resilience. These requirements cover such areas as inventory management, secure configuration, patch management, access control and advanced real-time threat defense.

Tenable's Tenable.sc Continuous View® (Tenable.sc CV™) offers several specialized dashboards that can help banks comply with the requirements specified in the RBI document. This dashboard assists in the area of inventory management, and aligns with baseline controls 1 (Inventory Management) and 2 (Prevent Execution of Unauthorised Software) in Annex 1, as well as aspects of other baseline controls that mention identifying mobile devices and controlling software installation.

This dashboard provides an overview of system counts, mobile devices, new MAC addresses, installed software, cloud service use and changes detected throughout the network. Having an accurate and up-to-date count of existing assets on the network will assist analysts in preventing unauthorized devices from connecting to the network. Monitoring asset changes will also help security teams identify blind spots that may have been previously overlooked.

Organizations will also be able to keep track of operating system and software deployments using this dashboard. This information will enable organizations to gain control over software licenses and reduce unnecessary costs. Information on software installations can highlight unauthorized and unsupported software running on network assets. Monitoring changes across devices and software can help to identify and prevent unauthorized modifications that could negatively impact critical systems. Having accurate inventory information assists an organization in securing the network and complying with the RBI requirements.

This dashboard is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

  • Tenable.sc 5.4.5
  • Nessus 8.5.0
  • LCE 6.0.0
  • NNM 5.9.0
  • Mobile data

Tenable's Tenable.sc CV is the market-defining continuous network monitoring solution, and can assist in securing an organization’s internal network. Tenable.sc CV is continuously updated with information about advanced threats, zero-day vulnerabilities and new regulatory compliance data. Active scanning periodically examines systems to determine vulnerabilities and compliance concerns. Agent scanning enables scanning and detection of transient and isolated devices. Passive listening provides real-time discovery of devices, operating systems, browsers and desktop applications. Host data and data from other security products is analyzed to monitor the network for changes to devices and software. Tenable.sc CV provides an organization with the most comprehensive view of the network and the intelligence needed to secure and protect assets within the network.

The following components are included in this dashboard:

  • Network Mapping - System Counts: This component presents the counts of systems detected on the network in various categories.
  • Workforce Mobility - Mobile Device Detections: This component presents counts of mobile devices and associated vulnerabilities detected passively by the Tenable Nessus Network Monitor (NNM) and via Mobile Device Management (MDM) systems.
  • Configuration Management - Detected Software: This matrix presents indicators that detect operating systems, browsers, unsupported and other software installations on systems within a network.
  • CSF - Software Applications and Database Servers: This component displays a matrix of detected software programs and database servers that are commonly used within organizations.
  • Software Summary - Top Installed Software: This table displays a list of the software currently discovered on the network.
  • Discovery Scan - Hosts Per Asset List: This table displays counts of live hosts within defined Tenable.sc asset lists.
  • Configuration Management - Top Subnets With New MAC Addresses: This component presents a summary of newly detected MAC addresses per subnet over the last 72 hours.
  • CSF - Top Detected Changes (Last 72 Hours): This table displays the top change events detected on the network in the last 72 hours.
  • Cloud Services - Services Detected: This table presents a list of passive detections of network interactions with cloud services.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training