how we can conduct credentialed scan over guardium infrastructure by using tenable? I have tried to use cli account but it is ending up with non-credentialed scan.

any advice?

 

------------------------------
Shahbaz Ahmed
------------------------------

Shahbaz,

What do you mean by credential "scan"? The cli account is an OS account with limited commands.  So the normal OS commands are not going to work. That is why it is referenced as a hardened appliance. 

Jennifer

------------------------------
Jennifer Dodson
Brand Technical Specialist
Global Sales, Financial Services
1 469 796 8337 Mobile
jennifer.dodson@ibm.com

IBM
------------------------------

Original Message:
Sent: Sun September 03, 2023 05:04 AM
From: Shahbaz Ahmed
Subject: Scanning Guardium Appliance

how we can conduct credentialed scan over guardium infrastructure by using tenable? I have tried to use cli account but it is ending up with non-credentialed scan.

any advice?

 

------------------------------
Shahbaz Ahmed
------------------------------

Hi Jennifer,

Credentialed Scan is a privileged scan having root or sudo access to fully scan the system for any vulnerability OS or software vulnerability. I given a try to scan Guardium (CM, Aggregator, Collectors) server however I did not find any vulnerability on them in the scan though they have that are published recently in the month of august.

------------------------------
Shahbaz Ahmed
------------------------------

Original Message:
Sent: Tue September 05, 2023 09:08 AM
From: Jennifer Dodson
Subject: Scanning Guardium Appliance

Shahbaz,

What do you mean by credential "scan"? The cli account is an OS account with limited commands.  So the normal OS commands are not going to work. That is why it is referenced as a hardened appliance. 

Jennifer

------------------------------
Jennifer Dodson
Brand Technical Specialist
Global Sales, Financial Services
1 469 796 8337 Mobile
jennifer.dodson@ibm.com

IBM

Original Message:
Sent: Sun September 03, 2023 05:04 AM
From: Shahbaz Ahmed
Subject: Scanning Guardium Appliance

how we can conduct credentialed scan over guardium infrastructure by using tenable? I have tried to use cli account but it is ending up with non-credentialed scan.

any advice?

 

------------------------------
Shahbaz Ahmed
------------------------------

Hi,

You can't run an authenticated vulnerability scan on Guardium appliances.

IBM run scans regularly with the differents most popular vulnerability scanner and do pentest campaign over the supported Guardium versions. If vulnerability are discovered during thoses scans/pentests campaign, they should be mitigated by a security hotfix patch or in the next patch bundle.

Regards, 

------------------------------
Thibaut Stauder
------------------------------

Original Message:
Sent: Sun September 03, 2023 05:04 AM
From: Shahbaz Ahmed
Subject: Scanning Guardium Appliance

how we can conduct credentialed scan over guardium infrastructure by using tenable? I have tried to use cli account but it is ending up with non-credentialed scan.

any advice?

 

------------------------------
Shahbaz Ahmed
------------------------------

Hi Shahbaz,

You won't be able perform a scan on Guardium server. IBM Support holds the root and it won't be shared to any customers. As a result, any OS level scans cannot be done. Also , with the help of CLI account you won't be able to sudo. 

Guardium is a black box. It is a customised image not like regular RHELs. 

For any vulnerability discovered , IBM Support will release a patch which you can install in your infrastructure. In addition, if you discover any vulnerabilities, you can reach out to them with all details & they would provide you with an adhoc patch.

Regards,

Girish

------------------------------
GIRISH RAMESH BABU
------------------------------

Original Message:
Sent: Sun September 03, 2023 05:04 AM
From: Shahbaz Ahmed
Subject: Scanning Guardium Appliance

how we can conduct credentialed scan over guardium infrastructure by using tenable? I have tried to use cli account but it is ending up with non-credentialed scan.

any advice?

 

------------------------------
Shahbaz Ahmed
------------------------------