2023-10-19 22:0:0 Author: www.tenable.com(查看原文) 阅读量:11 收藏
The NSA and CISA have released a joint cybersecurity advisory discussing the top 10 most common cybersecurity misconfigurations, and outlining ways to mitigate them. Read this blog to learn more and see how Tenable technologies can help discover, prevent and remediate these misconfigurations.
Background
On October 5, 2023 the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) published a joint cybersecurity advisory to highlight the most common cybersecurity misconfigurations. In particular, the advisory calls out the tactics, techniques and procedures (TTPs) actors use to compromise a network, as well as recommended mitigation strategies.
Top cybersecurity misconfigurations
The agencies identified the following 10 most common network misconfigurations:
- Default configurations of software and applications
- Improper separation of user/administrator privilege
- Insufficient internal network monitoring
- Lack of network segmentation
- Poor patch management
- Bypass of systems access controls
- Weak or misconfigured multifactor authentication (MFA) methods
- Insufficient access control lists (ACLs) on network shares and services
- Poor credential hygiene
- Unrestricted code execution
As stated in the joint advisory, these common misconfigurations depict systemic vulnerabilities within the networks of many large organizations and showcase the need for software makers to embrace secure-by-design principles .
CISA and NSA urge network defenders to remove default credentials, deactivate unused services, ensure systems are updated regularly, prioritize patching of high risk vulnerabilities and properly manage admin accounts and privileges.
How Tenable can help to identify the top misconfigurations
These misconfigurations are present in many organizations today, both in the private and public sectors. This advisory underscores the fundamental need for organizations to have good cyber hygiene that addresses misconfigurations and vulnerabilities. According to the Center for Internet Security (CIS), almost all successful attacks exploit “poor cyber hygiene”. As organizations discover and fix vulnerabilities and misconfigurations, maintain good administrative and configuration practices, and keep track of vital assets, they reduce and eliminate attack vectors used by threat actors.
The Tenable One Exposure Management Platform extends beyond traditional vulnerability management and foundational cyber hygiene to include data about misconfigurations, vulnerabilities and attack paths across a spectrum of assets and technologies -- including identity solutions, cloud configurations and deployments and web applications.
Tenable solutions that are part of Tenable One can help organizations prevent, discover and remediate misconfigurations. As we review the list of misconfigurations discussed in the advisory, our identity exposure management solution, Tenable Identity Exposure, helps secure identities, one of the most common attack vectors that attackers exploit. Tenable Identity Exposure monitors several critical misconfigurations identified in the list from CISA and NSA, including: Improper segmentation of admins and user privileges; weak or misconfigured MFA controls in Entra ID; and poor credential hygiene including the use of compromised or weak passwords.
Tenable One adds the ability to quickly discover out-of-date software, detect misconfigurations based on industry compliance standards, and obtain a deeper understanding of the network segmentation and devices that reside on the same or adjoined networks. The attack path analysis capabilities within Tenable One combine device identification, network segmentation, detection of device or service vulnerabilities, and visibility into directory services to enable users to quickly identify vulnerable attack surfaces within their environments. A topology or node view can be used to identify attack paths from start to finish. It outlines vulnerable servers, web applications, and services that may be exposed to the internet. It also shows how they can become a foothold through the use of exploitation techniques or exploitable vulnerabilities allowing attackers to move laterally or escalate privileges through the network.
Learn more:
Lindsay Schwartz
Lindsay has held various product marketing roles since joining Tenable in 2017. She is currently the Senior Product Marketing Manager for Tenable Vulnerability Management, Web App Scanning and Public Sector. She has over 15 years of experience in product and strategic marketing, spanning startups to large B2B corporations, with a strong focus in high tech and cybersecurity. Prior to Tenable, Lindsay worked as a product marketing manager for Cisco, responsible for driving broader market awareness and accelerating demand for their EDR/XDR and threat hunting technologies. Earlier in her career she held various roles in marketing strategy and communications at several technology startups, including Sourcefire, which was acquired by Cisco.
Related Articles
- Active Directory
- Center for Internet Security (CIS)
- Exposure Management
- Federal
- Government
- Security Frameworks
Cybersecurity News You Can Use
Enter your email and never miss timely alerts and security guidance from the experts at Tenable.
Tenable Vulnerability Management
Formerly Tenable.io
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Formerly Tenable.io
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
65 assets
Choose Your Subscription Option:
Thank You
Thank you for your interest in Tenable.io. A representative will be in touch soon.
Try Tenable Nessus Professional Free
FREE FOR 7 DAYS
Tenable Nessus is the most comprehensive vulnerability scanner on the market today.
NEW - Tenable Nessus Expert
Now Available
Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.
Fill out the form below to continue with a Nessus Pro Trial.
Buy Tenable Nessus Professional
Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
BUY
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
65 assets
Choose Your Subscription Option:
Thank You
Thank you for your interest in Tenable.io. A representative will be in touch soon.
Try Tenable Web App Scanning
Formerly Tenable.io Web Application Scanning
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.
Buy Tenable Web App Scanning
Formerly Tenable.io Web Application Scanning
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Try Tenable Lumin
Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.
Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.
Buy Tenable Lumin
Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.
Thank You
Thank you for your interest in Tenable Lumin. A representative will be in touch soon.
Request a demo of Tenable Security Center
Formerly Tenable.sc
Please fill out this form with your contact information.
A sales representative will contact you shortly to schedule a demo.
* Field is required
Request a demo of Tenable OT Security
Formerly Tenable.ot
Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.
Request a demo of Tenable Identity Exposure
Formerly Tenable.ad
Continuously detect and respond to Active Directory attacks. No agents. No privileges.
On-prem and in the cloud.
Request a Demo of Tenable Cloud Security
Exceptional unified cloud security awaits you!
We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.
Thank You
Thank you for your interest in Tenable Cloud Security. A representative will be in touch soon.
See
Tenable One
In Action
Exposure management for the modern attack surface.
See Tenable Attack Surface Management In Action
Formerly Tenable.asm
Know the exposure of every asset on any platform.
Thank You
Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.
Try Tenable Nessus Expert Free
FREE FOR 7 DAYS
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.
Buy Tenable Nessus Expert
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Try Nessus Expert Free
FREE FOR 7 DAYS
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.
Buy Tenable Nessus Expert
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
如有侵权请联系:admin#unsafe.sh