SecurityCenter Report Templates

Microsoft Windows Wireless Network History

Cody Dumont — Thu, 09 May 2013 13:21:14 +0000

Using the Nessus plugin 66350 "Microsoft Windows Wireless Network History", this report tracks the networks a Windows computer has connected too. This reporting is possible via the Network Location Awareness (NLA) registry entries. NLA collects the network information available to the computer and generates a globally unique identifier (GUID) to identify each network.

Consolidation Report for Missing Patches

Cody Dumont — Wed, 08 May 2013 15:26:36 +0000

This report uses the new Nessus “Patch Report” plugin (ID #66334) and will provide a consolidated missing patch report for each host within the network. The report uses the iterator grouping element to loop through each host of the network and provide a detailed missing patch report for each system identified by the plugin.

SANS Top 20 Report Template

Cody Dumont — Wed, 08 May 2013 13:25:15 +0000

As published by SANS, the goal of the Top 20 Critical Controls is to protect assets, infrastructure, and information by strengthening your organizations defensive posture through continuous automated protection and monitoring. This Security Center report complements the SANS Top 20 Dashboard. The report is comprised of 15 chapters, and a series of sections within each chapter. The report is essentially over 50 smaller reports combined together. Each mini report consists of two or more descriptive paragraphs, an asset summary and top 100 table.

CCI to NIST 800-53 Reports

Cody Dumont — Thu, 18 Apr 2013 19:37:07 +0000

These dashbaords summarize NIST 800-53 chapters and controls based on Control Correlation Identifiers (CCI).

CCE to NIST 800-53 Reports

Cody Dumont — Thu, 18 Apr 2013 15:10:12 +0000

These report templates summarize NIST 800-53 chapters and controls based on Common Configuration Enumeration (CCE).

CIS SUSE Summary

Dave Breslin — Tue, 09 Apr 2013 16:45:12 +0000

This report template provides a compliance summary for Center for Internet Security (CIS) SUSE Linux Enterprise Server (SLES) Security Configuration Benchmark audits.

The template with very few or no modifications at all can be used with all of Tenable's CIS certified SUSE audits. However, its recommended that audit results generated by configuration check files downloaded from the Tenable Customer Support Portal are kept separate in their own SecurityCenter repositories.

CIS RHEL Summary

Dave Breslin — Tue, 09 Apr 2013 16:29:31 +0000

This report template provides a compliance summary for Center for Internet Security (CIS) Red Hat Enterprise Linux (RHEL) Security Configuration Benchmark audits.

The template with very few or no modifications at all can be used with all of Tenable's CIS certified RHEL audits. However, its recommended that audit results generated by configuration check files downloaded from the Tenable Customer Support Portal are kept separate in their own SecurityCenter repositories.

CIS Linux and Unix Summary

Dave Breslin — Tue, 09 Apr 2013 15:44:00 +0000

This template is designed to report the overall compliance status of Tenable's certified Center for Internet Security (CIS) Linux and UNIX Configuration Benchmark audits.

The template with several minor modifications can be used with all of Tenable's CIS certified Linux and UNIX audits. When using multiple CIS audits ensure the results are separated by repositories. After importing the template ensure it's table and chart elements are modified to filter by the appropriate repository.

GLBA Malicious Code Prevention Compliance

Dave Breslin — Thu, 28 Mar 2013 21:13:51 +0000

This report template summarizes audit results as they relate to the controls described by the Federal Financial Institutions Examination Council’s (FFIEC) guidance on host level malicious code prevention for Section 501 (b) compliance of the Gramm-Leach-Bliley Act (GLBA).

GLBA Section 501 (b) Host Configuration Auditing Compliance

Dave Breslin — Mon, 25 Mar 2013 13:26:55 +0000

This report template groups configuration check results as they relate to best practice configuration settings typically used within financial institutions for Microsoft platforms.