Three Types of Client-side Exploits
We often hear about vulnerabilities in client software, such as web browsers and email applications, that can be exploited by malicious content. The repeated stories about botnets, infected web sites,...
View ArticleActive and Passive Auditing of DNS Servers in Use – Finding DNSChanger Malware
Tenable’s Research team recently shipped a variety of Nessus plugins and Passive Vulnerability Scanner (PVS) PASL scripts that audit and detect the DNS servers in use on (and off) your network. These...
View ArticleEnhanced Botnet Detection with Nessus
Tenable’s Research team recently added the ability for Nessus to evaluate audited hosts to see if they are connected to or configured with a known botnet IP address. In this blog entry, we will review...
View ArticlePredicting Attack Paths
Tenable has published a technical paper titled “Predicting Attack Paths” that describes how to leverage active and passive vulnerability discovery technology to identify in real-time Internet facing...
View ArticleVulnerabilities, Exploits, and Good Dental Hygiene
Vulnerability ManagementConstantly assessing the security of your own systems is an important task in maintaining a secure network. I relate regular security assessments to personal hygiene, such as...
View ArticleRon Gula on Why Tenable Fits the U.S. Department of Defense
Ron Gula on Why Tenable Fits the Department of Defense
View ArticleVideo Conference Detection with PVS
Many customers have recently inquired about detection of video conferencing hardware and software, and Tenable’s research team has been developing additional PVS plugins to do just that.
View ArticleIf a Security Control Falls in the Forest...
Many guidelines and compliance standards state that in order to be "secure" or "compliant" all of your systems must be patched. Turns out that this is easier said than done. Just when you believe your...
View ArticleTenable Releases SecurityCenter Continuous View
Today, Tenable announced the availability of a new edition of SecurityCenter, called Continuous View.This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion...
View ArticleTenable Receives Highest Rating of "Strong Positive" in Gartner Vulnerability...
Late yesterday, Tenable announced SecurityCenter™ received a "Strong Positive" rating in Gartner's 2012 MarketScope for Vulnerability Assessment. The report provides guidance to security professionals...
View Article0-Day Java Vulnerabilities and Dealing with Vulnerable Client Software
0-day or Not, Clients Are VulnerableWhenever there is a new vulnerability in popular software found on users’ desktops, such as Java, Adobe Reader, Adobe Flash, or Mozilla Firefox, the media goes into...
View Article#1 Nessus is an Enterprise Tool - Top Ten Things You Didn't Know About Nessus
The final installment in our "Top Ten Things You Didn't Know About Nessus" video series describes how Nessus is used in the enterprise. Additional products from Tenable, such as, SecurityCenter, the...
View ArticleUncovering SSL Anomalies In Your Network Using SecurityCenter
Looking in More than One PlaceNessus, PVS, and LCE offer several methods for auditing SSL protocol usage on your network(s). SSL is commonly used to secure websites, but also protects email, file...
View ArticleMonitoring the Life of a Java Zero-Day Exploit with Tenable USM
Not too long ago, CVE-2012-4681 (US-CERT Alert TA12-240A and Vulnerability Note VU #636312) was issued for a flaw discovered in Oracle Java (JDK and JRE 7 U6 and before), as well as version 6 U34 and...
View ArticleRecap: Geeking Out II with Marcus
Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
View ArticleIs the Passive Vulnerability Scanner an Intrusion Detection System?
When I was at RSA earlier this year, I gave a variety of media interviews and product demos about Tenable solutions. I demonstrated Nessus detecting malicious processes and the Passive Vulnerability...
View ArticleBlack Hat USA 2013: PVS Unleashed
Tenable attended the Black Hat USA 2013 conference in Las Vegas, Nevada, and announced upcoming changes to the Tenable Passive Vulnerability Scanner (PVS).
View ArticleAnnouncing the “Vulnerabilities Exposed” Webcast Series
Jack Daniel and I will host the new "Vulnerabilities Exposed" webcast series. The first webcast will be held on August 27th at 2 pm EDT - "Reducing Your Patch Cycle to Less Than 5 Days." Read about the...
View Article"Reducing Your Patch Cycle to Less Than 5 Days" Webcast: Recording and Q&A
Jack Daniel and I presented the first webcast in the "Vulnerabilities Exposed" series - "Reducing Your Patch Cycle to Less Than 5 Days." View the webcast recording and responses to questions asked...
View Article
More Pages to Explore .....