Tenable Blog

The video below is part 4 in our series of the top ten things you didn't know about Nessus and covers Nessus licensing and usage:

Further Reading:

• Tenable Charitable Organization Subscription Program

Assessing the security of SCADA devices has always been a challenging task. SCADA devices are used in several critical infrastructure industries, including power plants, manufacturing, chemical processing, and nuclear reactors. Thus, the high availability and security of these devices are of the utmost importance. The challenge lies in assessing the security of SCADA devices without causing any adverse effects. The special purpose-built systems often operate within a limited scope and use protocols that are specific to the tasks being performed, such as Modbus, OPC, and DNP3.

In 2006, Tenable Network Security released the first Nessus® vulnerability scanner and Tenable Passive Vulnerability Scanner (PVS) SCADA plugins (you can read the original release notes for PVS in a post titled "SCADA Network Monitoring" and the original release for Nessus titled "SCADA Checks For Nessus 3"). In April 2011, a new round of SCADA plugins were released for Nessus (covering devices from Movicon, 7-Technologies, and more).

Tenable is now pleased to announce the availability of additional SCADA plugins for Nessus ProfessionalFeed, Tenable SecurityCenter, and PVS users. Tenable's research team worked alongside SCADA experts from Digital Bond to test and identify a wide variety of common SCADA devices. The plugins were announced at Digital Bond’s S4 Conference on SCADA security held on January 19, 2012. Note: Digital Bond’s Dale Peterson joined us on the Tenable Network Security podcast episode 110 and spoke about the new plugins and SCADA security.

Below is a sample of some of the new SCADA plugins:

The video below is part 6 in our series of the top ten things you didn't know about Nessus and covers information related to IPv6 scanning using Nessus:

Further Reading:

Nessus - IPv6 Scanning

Welcome to the Tenable Network Security Podcast Episode 110

Hosts

• Paul Asadoorian, Product Evangelist
• Carlos Perez, Lead Vulnerability Researcher
• Ron Gula, CEO/CTO
• Jack Daniel, Product Manager

Announcements

• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. We recently added a 38-minute tutorial of Nessus, covering most of the basic features.
• We're hiring! - Visit the Tenable website for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
• Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
• PVS 3.6.0 for Linux now Available - Added the "Strip VLAN tags" setting to ignore the VLAN header, Nessus V2 report output format support, Deprecated the "failure-threshold" configuration setting, Improved stability when parsing PASL scripts, New license format (Requires a new license)

New & Notable plugins

Hosts

• Paul Asadoorian, Product Evangelist
• Jack Daniel, Product Manager
• Carlos Perez, Lead Vulnerability Researcher
• Ron Gula, CEO/CTO

Announcements

• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. We recently added a 38-minute tutorial of Nessus, covering most of the basic features.
• We're hiring! - Visit the Tenable web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics and more!
• Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
• Tenable has released Nessus plugin 57462 to detect that nasty FreeBSD TELNET bug we touched on last week.
• Nessus plugin 57461 was recently added to scan for Apple iOS Lockdown services
• PVS can now detect systems reaching out to .xxx domains, enhanced OS identification.