Facebook Google Plus Twitter LinkedIn YouTube RSS Menú Buscar Recursos - BlogRecursos - Seminario webRecursos - InformeRecursos - Eventoicons_066 icons_067icons_068icons_069icons_070

ASD Essential 8 Mitigation Report

by Ryan Seguin
agosto 28, 2017

In febrero 2017, the Australian Signals Directorate (ASD) released the “Essential 8” mitigation strategies from their top 35 best practices for securing information systems. The purpose of the Essential 8 is to provide an appropriate baseline standard for organizations to mitigate their own Cyber Exposure. The ASD suggests that organizations start by ensuring that the Essential 8 mitigation strategies be implemented, then organizations can adopt other Top 35 mitigation strategies based on the risks of the organization.

The ASD Essential 8 is split into 2 sections: “To prevent malware from running,” and “To limit the extent of incidents and recover data.”  SecurityCenter’s “ASD Top 4 Mitigation Strategies” dashboard covers the Top 4 of the Essential 8. SecurityCenter’s “Browser Vulnerabilities” dashboard leverages vulnerability information about web browsers to provide information on user application hardening. This report provides a comprehensive indicator of how well you comply with the ASD Essential 8.

The ASD Essential 8 report leverages data from SecurityCenter, which combines active scanning using Nessus with passive vulnerability scanning from Nessus Network Monitor. Vulnerability data is broken up into software details and browser specific vulnerabilities, organized by browser type. The final section provides remediation guidance to mitigate these vulnerabilities.

This dashboard is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The dashboard requirements are:

  • SecurityCenter 5.4.5
  • Nessus 6.10.5

Tenable SecurityCenter is the market-defining continuous network monitoring solution, which assists organizations in securing their internal network. SecurityCenter utilizes the CVSS scoring system for vulnerabilities; providing a uniform approach to vulnerability assessment, and SecurityCenter obtains information on environmental vulnerabilities through active scanning. Nessus Agents enable scanning and detection of vulnerabilities on transient and isolated devices. SecurityCenter provides an organization with the most comprehensive view of risks within the network and the intelligence needed to support effective vulnerability remediation efforts.

This report contains the following chapters:

Executive Summary:  The Executive Summary section provides high-level active and passive OS and application vulnerability information, and group membership/privileged access indicators.

Software Details:  The Software Details chapter provides information regarding what software is installed and if there have been any modifications to the software.

Browser Vulnerabilities: The Browser Vulnerabilities chapter provides vulnerability data associated with 5 commonly used web browsers: Google Chrome, Mozilla Firefox, Safari, Opera, and Internet Explorer.

Mitigation:  The Mitigation chapter provides OS and application vulnerability mitigation solutions.


Probar gratis Comprar ahora

Probar Tenable.io Vulnerability Management


Disfrute de acceso completo a una plataforma moderna de gestión de vulnerabilidad basada en la nube que permite visualizar y realizar un seguimiento de los activos con una precisión inigualable. Regístrese ahora y ejecute el primer análisis en 60 segundos.

Comprar Tenable.io Vulnerability Management

Disfrute de acceso completo a una plataforma moderna de gestión de vulnerabilidad basada en la nube que permite visualizar y realizar un seguimiento de los activos con una precisión inigualable. Compre hoy mismo una suscripción anual.

65 activos

Probar Nessus Professional gratis


Nessus® es el escáner de vulnerabilidades más completo que existe en el mercado actual. Con Nessus Professional, le ayudará a automatizar el proceso de escaneo de vulnerabilidades, ahorrar tiempo en sus ciclos de cumplimiento y hacer participar a su equipo de TI.