ControlsInsight has a very important security control called the Operating systems up to date for which all the assets are evaluated. This control gives the indication of whether or not the Operating system present in each asset assessed by ControlsInsight is up to date with all the vulnerabilities present. Having the latest OS updates on the asset plays a major role from the security perspective because each update has latest security updates in them to tackle the current threats that are present. Hence missing the update could be a huge vulnerability for the system making it highly susceptible. Having vulnerabilities gives a chance for the outside world to cash in and take control of the system.
This security control plays a part in the overall threat score that is displayed for the different sites that was selected to be assessed for risk. For example having all the OS updates present in the asset has a score of 100% to asset coverage and having no updates has a score of 0% to the asset coverage. Having a 100% asset coverage score contributes a ten to the overall score and ensure that your asset is free from vulnerabilities, similarly an asset score of 0% contributes a zero to the overall threat score which implies the asset is having a high risk of vulnerabilities. As of now ControlsInsight only checks for windows desktop systems and it is checked for the following updates.For a Windows 8 system only updates related to Windows 8 are checked. Hence the other updates like Windows 7 or Windows XP becomes N/A to this system.
Assets with Windows 7 applied
Assets with Windows 8 applied
Assets with windows XP applied
Assets with Windows Vista applied
The following screen shot shows 42 out 47 assets having all their OS updates, hence it contributes a 9 to the Overall threat score and also safe from most vulnerabilities
Following is another screen shot in which only 3 out of 65 assets have their operating systems up to date and hence the overall grade is only 2 which makes it highly vulnerable