8.7 Security Misconfiguration

Select Reports > Portal > Repository > Standard Content > OWASP > A 6 - Security Misconfiguration.

In general, the most common vulnerability in your environment is misconfigured operating systems, frameworks, libraries, and applications. Misconfigurations include missing security patches or updates, incomplete or ad hoc configurations, use of insecure default configurations, poorly configured HTTP headers, and error messages that contain sensitive information.

To identify systems that need reconfiguration, use the following dashboards and report:

Misconfiguration Events Overview

Provides an overview of the misconfiguration events reported in your environment. The charts show the top misconfigured systems, the top misconfiguration events, an indicator of the risk associated with the reported misconfiguration events, events by agent severity, and misconfiguration events over time. The table provides additional information, such as the associated vulnerability.

Missing Security Patches Overview

Provides charts and a table to help you identify the top machines that are missing relevant security patches, as well as the security patches most often reported as not applied. You can review the missing patch reports over time, by agent severity, and by risk indicator.

Security Patch Missing

Lists the security patches that have not been applied, as reported by vulnerability scanners in your environment.