Tenable Network Security Podcast Episode 195 - "Critical AND Exploitable"
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE, and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can find links to subscribe to Tenable's podcast feed, YouTube Channel, Twitter, and Facebook accounts at http://www.tenable.com/podcast!
- Detecting the Trojan.POSRAM Malware
- Nessus Compliance Checks for FortiGate Devices
- Nessus 5.2.5 Is Available for Download
Discussion & Highlighted Plugins
- Discovering New Hosts - At a recent presentation, someone asked me how one can detect new hosts. Tenable has many products that work towards detecting new hosts. One can do this passively by monitoring network traffic with PVS, via Nessus by enumerating virtual machines from virtualization servers, and by looking at the logs collected by LCE. How do you pull all this information together and act on it?
- Critical AND Exploitable - Severity rating vulnerabilities is tricky business. How do you rate the risk? The threat? What's the difference? Math aside, there is something to be said for a vulnerability in your environment. One thinks we should fix all of these ASAP, or should we?
- Scanning the ICS Village - Recently, we scanned an entire lab of security products and SCADA devices. The results were impressive. We generated more than 3GB of network traffic, and all scans completed successfully and enumerated several vulnerabilities. While some of the SCADA plugins were written some time ago, they are still very effective at enumerating vulnerabilities against SCADA devices, and even support ModBus. Read the full post.
Nessus
Passive Vulnerability Scanner
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
SecurityCenter Apps
Dashboards
Reports
Security News Stories
- Hacking Risk Grows for Outdated ATMs
- Apple's Very Different BYOD Philosophy
- A Walk Through the ICS Village
- HealthCare.gov security -- 'a breach waiting to happen' | Security & Privacy - CNET News
- Microsoft will furnish malware assassin to XP users until mid-2015
- Hacker Turns Mouse Into a Webcam
- Introduction to Anti-Fuzzing: A Defence in Depth Aid | NCC Group
- The Changing Face Of The IT Security Team
Related Articles
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
- LCE
- Nessus
- Nessus Network Monitor
- Podcast
- SCADA
- Vulnerability Management