New Nessus Configuration Auditing Features for Windows Servers
March 27, 2007Tenable has added several new types of configuration and security audits that can be performed by Nessus 3 against Windows servers. This blog post explains the new items. New Auditing Options There ...
Log Correlation Engine Rules Update
March 25, 2007Several new PRM libraries and one TASL script have been updated and are available for download and use with the Log Correlation Engine. The list below shows what has changed. Each PRM or TASL links to...
Tenable Wednesday
March 21, 2007Most readers should be familiar with the concept of "Microsoft Tuesday" as the day when Microsoft, and many other OS vendors, release security patch information. These releases occur on a re...
Webinar -- "HIPAA Compliance - What can Nessus do for you?"
March 20, 2007Tenable Network Security will be hosting a webinar on March 21, 2:00 PM to 3:00 PM EST. This presentation will consider how configuration auditing and vulnerability monitoring can be performed by the ...
Trimming the FAT
March 20, 2007Tenable's research group today released a check for Nessus which discovers systems not-running NTFS file systems. For example, a system running on top of FAT32 would be detected by this plugin. The pl...
Nessus 3.2 BETA -- Example WMI library usage
March 19, 2007The Nessus 3.2 BETA includes many new features, including a library that allows users to program their own WMI queries to Windows systems. This blog entry discuses some example WMI NASL scripts that m...
Reporting Vulnerabilities in an IT Managed Environment
March 16, 2007<p>If you are performing some sort of vulnerability monitoring program or audit, you are most likely finding a large volume of information. Making sense of this information and presenting it to other users who may be less technical than you (or at least less familiar with the vulnerability discovery process) can be a challenging task. </p>
Detecting Change -- Part II
March 13, 2007Tenable has previously bloged about how change can be detected through log analysis. Network change can be detected many other ways, including scanning and passive network monitoring. This blog entry ...
Using Manufacturer Information For Automatic Dynamic Asset List Creation
March 8, 2007We've blogged in the past about how the Security Center can use any data obtained by Nessus or the Passive Vulnerability Scanner to automatically classify a host into one or more political or technica...
Monitoring Telnet Security
March 3, 2007With the advent of the current Solaris Telnet Worm, Tenable has had many requests and comments about not only finding the specific associated vulnerability, but how to monitor Telnet in general. This ...
Automated audit policy creation for UNIX Nessus compliance checks
February 27, 2007Many UNIX applications and system settings are contained in proprietary text configuration files. Auditing these for unauthorized changes or configurations can be very cumbersome and time consuming. N...
Enhanced Windows Compliance Auditing
February 24, 2007The Nessus 3 Direct Feed was updated today with enhanced functionality for Windows compliance checks. This blog entry discusses the new features and has example .audit text to illustrate them, includi...