Detecting vulnerabilities is a necessity for any IT department hoping to keep its infrastructure secure or any IT security professional administering a Security Control Assessment. For that purpose, there is no lack of tools to scan the various facets of an organization’s pivotal technology: the Cisco Router Assessment Tool, Tenable Network Security’s Nessus, Hewlett Packard Web Inspect, App Detective and the open source Nmap. Though these scanners excel at finding vulnerabilities, none of them is readily able to work with the others to communicate their findings back to IT personnel. At Lunarline, we’ve been watching this problem for some time, so we decided to build a solution.
Vulnerability Scan Converter (VSC) is that solution, and we’re unveiling it today in advance of its commercial launch later this year. VSC is a simple, portable desktop app that reads the output of the above-mentioned scanners and exports it as a human-friendly Excel file, with a Plan of Action & Milestones (POA&M) formatted worksheet, a detailed set of fields for each scanner on separate worksheets, and a rundown of the ports scanned (if any) on another worksheet.
Curious if it’s right for you? Ask yourself how much time you spend in a given week poring over vulnerability scan results. Let’s have a look at how VSC can get you some of those hours back…
Analyzing Nessus Vulnerability Scan Results
The main feature of VSC is processing the output of vulnerability scanners into a POA&M formatted Excel worksheet and a more detailed worksheet of the data. The Nessus vulnerability scanner by Tenable Network Security is one of the scanners whose output VSC supports.
VSC is pictured below. A user can click the Import Scan Results button and select the file they want to process, as shown further below.
Once the vulnerability scanner output is imported, it is immediately processed. The vulnerabilities in the scanner output are counted and displayed, along with the number of hosts that were processed, so a user can see a summary of the scanner’s findings at a glance.
From there, a user simply needs to click the Export All Scan Results button to generate an Excel workbook that contains all of the information from the scan:
You can download the sample workbook, called nessusTest.
Nmap – Discovering Ports
VSC is able to extract the ports information from an Nmap scan. An Nmap-formatted XML file is all that’s needed to add Nmap scan results to a VSC export.
When an Nmap file is imported, the Ports column on the far side of the UI is updated, as indicated in the screenshot above.
Have a look at the sample Excel file:
You can download the sample workbook, called nmapTest.
Portability, Multiple Scans at Once, Getting Help
VSC is completely portable. That means, with any removable media, you can take it with you wherever your work is, and never have to worry about installing it on a workstation. Simply put VSC on your media of choice (flash drive, SD card, CD) and take it with you. When you arrive at your workstation, run VSC directly from your media. No installation process, no internet access required.
If you’re like most security professionals, you may have ten or eleven scan files that you need processed at one time. That’s no problem for VSC. You can import as many files as you want, and it will convert them all. The best part? When you export the files once they’ve finished converting, their results will all be packaged up into a single Excel Workbook!
The operations of VSC are meant to be simple and straightforward. When dealing with the scanner output files, though, it can be difficult to generate the right files from the scanners themselves. The help button on the VSC app provides guidance on how to generate the right output from the scanners so they can be imported into VSC and converted.
Where to get it
VSC is currently undergoing rigorous testing at Lunarline labs, and should be ready for release soon. If you would like to be notified when it is released, contact us (https://www.lunarline.com/vsc/contact) and we’ll let you know.