Skip navigation
Share:|

Two new videos demonstrate how to use BMC SecOps Response to remediate vulnerabilities detected in your server environment. The videos are attached to corresponding walkthrough topics. See:

 

Let us know if you find these topics helpful by rating or commenting on this blog post.

Share:|

To use BMC SecOps Response, you must set up on-premise connectors for related products. Here's a new walkthrough and an accompanying video that demonstrates how to onboard a connector for BSA: Walkthrough: Onboarding a connector for BSA - BMC SecOps Response Service

Let us know if you find this topic helpful by rating or commenting on this blog post.

 

Share:|

When vulnerability scans fail to detect a server, that's a blind spot. And blind spots are potential security risks.

A new walkthrough and its accompanying video describe how to use BMC Discovery and BMC SecOps Response to identify blind spots across your computing environment.

See Walkthrough: Using BMC Discovery to detect blind spots and filter for applications.

Let us know if you find this topic helpful by rating or commenting on this blog post.

Share:|

Are you wondering if BMC SecOps Response can help you manage vulnerabilities in a network environment?

We've published some some topics that walk you through the process of using BMC SecOps Response to remediate vulnerabilities detected in a network environment.

One topic describes how to map assets and vulnerabilities in a vulnerability scan to network devices and rules you manage with BNA. The other topic takes you through the process of creating a remediation job to correct vulnerabilities.

 

 

Let us know if you find these topics helpful by rating or commenting on this blog post.

Share:|

Are you just getting familiar with BMC SecOps Response and wondering how the process works?

 

We published some topics that walk you through the process. One topic describes how to map assets and vulnerabilities detected in a vulnerability scan to the servers and remediation content you manage with BSA or SCCM. The other topics take you through the process of creating remediation jobs to correct vulnerabilities.

 

Take a look at these topics:

 

 

Let us know if you find this topic helpful by rating or commenting on this blog post.

Share:|

So, CVE-2017-0144 https://nvd.nist.gov/vuln/detail/CVE-2017-0144, a vulnerability that was identified about two months ago (published Mar 16 2017), is now being widely exploited in the wild, most visibly impacting hospitals in the UK’s National Health Service to the point that they’ve had to redirect incoming patients to other facilities.

This vulnerability is addressed by Microsoft Bulletin MS17-010, which is also included in OS-specific Security Bulletin (roll-ups) SB17-002, SB17-003, SB17-004.  MS17-010 applies to Server 2003 and Server 2008, while SB17-002 applies to Server 2008 R2, SB17-003 applies to Server 2012 R2 and SB17-004 applies to Server 2012 (thanks to Joe Schuler)

 

Part of what makes the vulnerability so serious is that it doesn’t require direct action by the user, simply having the vulnerability and being on the same network as an infected host can expose your system to the ransomware.

 

Wana Decrypt0r screenshot.png

(source: Wikipedia)

 

So, how do we address this using SecOps Response?

 

I imported my latest scan info, then went over to the Operator Dashboard.  Filter by "CVE-2017-0144", and it shows me exactly which systems have this vulnerability detected on, and that the oldest detection is 22 days old (and now in violation of SLA, being a critical vulnerability): 


I scroll down and see all the systems that I can remediate.

 

Click remediate: 

I'm going to deselect one server, but continue with the rest:

Select "Execute Now":

Select some notifications, then hit execute now.


Isn't that easy?