Assessing software vulnerabilities
Software vulnerabilities (e.g. EoL and EoS software installed on devices) can interfere with your IT assets' performance and thus challenge your entire IT security. This is why Raynet One includes functions that help you identify and analyze both security leaks and vulnerable assets. Using intelligent tools that run in the background, the platform automatically searches for and displays known vulnerabilities. The following chapters show ways to take a deep dive into your assets' vulnerability status and the threats it implies.
There may be vulnerabilities lurking in your IT landscape which are not yet listed. There are many reasons for this lack of information, some more reasonable than others. First and foremost, vulnerabilities are given a grace period before publication, since publication can be seen as a motivation for attacks. Malicious parties may keep vulnerability information secret in order to sell it for a high price. Hard-to-find vulnerabilities are likely to stay undetected. Vendors do not want to risk their reputation, or they underestimate the risk implied by a fault in their products.
Each vulnerability item is assigned a score by CVE. Use it to get an impression of the vulnerability's severity.
Vulnerability descriptions are designed to deliver critical insight into risk and severity in a brief form. Connect the dots to evaluate their impact on your whole IT landscape. The following points are usually found in them.
1. product explanation and advertisement
2. mention of the affected product's technical and internal components
3. logical deduction of the flaw by scenario and conditions
4. technical vulnerability term, phrased more or less clearly
5. (optional) disclaimer
For several reasons, it is easy to lose track in the vast vulnerabilities feed. Some vulnerabilities are described in unnecessary technical depth. Unclear phrasing is used to classify the actual vulnerability (effect, danger). Description texts tend to deviate from the recommended text structure. Last but not least, the impact on your IT landscape does not equal the vulnerability score.
Common, strong technical terms are used to describe a vulnerability clearly. Here are some recurring ones that you should learn.
• exposure of sensitive information, use-after-free
• stack-based buffer overflow, out-of-bounds array read/write
• remote code execution, execute arbitrary code
• memory consumption (system resource denial or abuse)
• Cross-Site Scripting (XSS) (web technology hijacking)
• authenticate on behalf of the user, privilege escalation, improper access controls
• race condition (exploitation of questionable product technical design)
• denial-of-service
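As an added illustration (not part of Raynet One or its documentation), the following Python sketch tags free-text vulnerability descriptions with the recurring terms listed above and sets aside descriptions whose phrasing matches none of them, so they can be read manually. The regex patterns, function names, record IDs and sample descriptions are assumptions constructed for this example.

```python
import re

# Recurring terms from the list above. Each regex tolerates hyphen/space and
# wording variants; the patterns themselves are assumptions of this example.
TERM_PATTERNS = {
    "exposure of sensitive information": r"(exposure|disclosure) of sensitive information",
    "use-after-free": r"use[- ]after[- ]free",
    "stack-based buffer overflow": r"stack[- ]based buffer overflow",
    "out-of-bounds read/write": r"out[- ]of[- ]bounds (array )?(read|write)",
    "arbitrary code execution": r"remote code execution|execut\w+ arbitrary code",
    "memory consumption": r"memory consumption",
    "cross-site scripting": r"cross[- ]site scripting|\bxss\b",
    "privilege escalation / access control": (
        r"privilege escalation|improper access control|on behalf of (the|a) user"),
    "race condition": r"race condition",
    "denial-of-service": r"denial[- ]of[- ]service",
}
COMPILED = {term: re.compile(p, re.IGNORECASE) for term, p in TERM_PATTERNS.items()}

def tag_description(text):
    """Return the sorted list of recurring terms found in one description."""
    flat = " ".join(text.split())  # collapse line breaks inside feed text
    return sorted(term for term, rx in COMPILED.items() if rx.search(flat))

def triage(records):
    """Split (id, description) records into tagged ones and ones to read manually."""
    tagged, unclear = {}, []
    for vuln_id, text in records:
        terms = tag_description(text)
        if terms:
            tagged[vuln_id] = terms
        else:
            unclear.append(vuln_id)  # unclear phrasing: no known term matched
    return tagged, unclear

# Constructed sample descriptions; the IDs are placeholders, not real CVE entries.
SAMPLE = [
    ("EXAMPLE-0001", "ExampleViewer is a fast PDF reader. A use after free in the "
                     "annotation parser allows an attacker to execute arbitrary code."),
    ("EXAMPLE-0002", "The admin portal of ExampleCMS is affected by XSS, leading to "
                     "Denial-of-Service of the session handler."),
    ("EXAMPLE-0003", "ExampleSync mishandles certain crafted archive entries."),
]

if __name__ == "__main__":
    tagged, unclear = triage(SAMPLE)
    for vuln_id, terms in tagged.items():
        print(vuln_id, "->", ", ".join(terms))
    print("read manually:", unclear)
```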
The affected devices are found using proprietary fingerprinting technology. It collects hashes and, possibly, qualifying file properties (vendor string, digital signature properties). This data is matched against the Technology Catalog to determine the product name and, with any ambiguities reduced, the vulnerability records. The collected inventory is then used to relate these records to devices and operating systems.