Tenable Network Security Podcast Episode 194 - "Common Sense Security..."

Announcements

• We're hiring! - Visit the Tenable website for more information about open positions.
• Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
• Want to ask questions about Nessus, PVS, SecurityCenter, and LCE and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
• You can subscribe to the Tenable Network Security Podcast on iTunes!

Discussion & Highlighted Plugins

• Common Sense Security Monitoring - I really have a lot of faith in this concept, largely because it makes sense in the real world in addition to the digital world. For example, you become accustomed to the happenings in your neighborhood. People tend to be creatures of habit: They leave for work around the same time, walk their dogs around the same time of day/night, lights go on and off at fairly regular times, etc. When someone breaks the mold a bit, you tend to notice (at least I do). It sends up a red flag, and I pay closer attention to the behavior. For example, a car driving around with its lights off at 11 pm, when that's not supposed to happen until at least 4 am when my neighbor up the street leaves for work and doesn't want to blind the neighborhood with his headlights. Some new PVS rules will allow you to accomplish the same thing and flag behavior such as SSH traffic not on port 22.
• The NSA Saga Continues - Recent developments have furthered discussions on how NSA spying impacts corporate business processes. Should we be paranoid that someone is watching? How safe are our corporate secrets if the NSA has a backdoor in our security products? Do you, like several others, boycott RSA as it has been reported that the NSA maintained backdoors in their products?

Nessus

Passive Vulnerability Scanner

SecurityCenter Apps

Dashboards

Report Templates

Security News Stories

1. Nessus HTML5 UI 2.1 Provides Enhanced Usability
2. Space Rogue from L0pht and Hacker News Network Joins Tenable Network Security
3. Ask A VC: Accel's Ping Li On The Impact Of Data-Driven Software and More
4. Does retail security take a backseat during the 'holiday IT lockdown'?
5. Industry Predictions for 2014; Part 4: Managed Security Services
6. Industry Predictions for 2014; Part 3: The Effect and Influence of Government
7. Defending against self-destructing PCs, other mythical security threats
8. Lessons for CSOs in Snowden exploit of NSA networks
9. Mikko Hypponen Still Speaking at the RSA Conference
10. Researchers publish Snapchat code allowing phone number matching after exploit disclosures ignored | ZDNet
11. Surprise! It's Super Easy to Identify People From Metadata
12. Trojan program hijacks World of Warcraft accounts despite two-factor authentication
13. Flash Memory Cards Contain Powerful, Unsecured Microcontrollers
14. Probes Against Linksys Backdoor Port Surging
15. OpenSSL Hackers Used Weak Password at Web Host to Deface Site
16. Noted speaker, Mikko Hypponen, cancels RSA talk in protest to NSA collaboration allegations
17. Growing human organs inside pigs in Japan
18. Researcher Uncovers Backdoor In DSL Routers
19. FireEye buys outfit that lifted the lid on Chinese cyber-espionage
20. Hacker backdoors Linksys, Netgear, Cisco and other routers