Security Misconfiguration
Select > > > > > .
In general, the most common vulnerability in your environment is mis-configured operating systems, frameworks, libraries, and applications. Mis-configurations include missing security patches or updates, incomplete or ad hoc configurations, use of insecure default configurations, poorly configured HTTP headers, and error messages that contain sensitive information.
|
Dashboards |
Reports |
|
Misconfiguration Events Overview |
- Misconfiguration Events Overview
- Provides an overview of the mis-configured events reported in your environment. The charts show the top mis-configured systems, the top misconfiguration events, an indicator of the risk associated with the reported misconfiguration events, events by agent severity, and misconfiguration events over time. The table provides additional information, such as the associated vulnerability.
- Missing Security Patches Overview
- Provides charts and a table to help you identify the top machines that fail to have all relevant security patches, as well as the security patches most reported as not having been applied. You can review the missing patch reports over time, by agent severity, and by risk indicator.
- Security Patch Missing
- Lists the security patches that have not been applied, as reported by vulnerability scanners in your environment.
-
Older or mis-configured XML processors use XML documents to evaluate external entity references, and can inadvertently process harmful XML input. Malicious users the XML processor’s to reveal internal content such as files, file shares, and port scans, as well as execute remote code and denial of-service attacks. - XML Vulnerabilities
- Lists the hosts with the most XML vulnerabilites.