Tenable Network Security Podcast - Episode 9
Welcome to the Tenable Network Security Podcast - Episode 9
Announcements
- New blog post & video "Using Nessus To Audit Microsoft Patches"
- Tenable placed 270th on the Deloitte Fast 500 2009 list, Nessus was awarded a Silver "Reader's Choice" award from Information Security Magazine, and another "Reader's Choice" award from WindowsSecurity.com
- We're hiring! - Visit the web site for more information about open positions
- Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!
Interview: Andrew Hay
Andrew Hay is a Canadian security professional, author, and speaker living in Lethbridge, Alberta, Canada. In this interview we talk about securing university environment, SecTor, and much more!
Stories
- Ron Gula and I have a chat about the recent Rapid 7 Acquisition of Metasploit.
- Scan of Internet Uncovers Thousands of Vulnerable Embedded Devices - Researchers scanning the internet for vulnerable embedded devices have found nearly 21,000 routers, webcams and VoIP products open to remote attack.
- Time Warner cable modem/router major security hole - 65,000 devices were found to be vulnerable to a vulnerability that allows remote management. Not only that, the devices were configured to use WEP to "protect" the wireless network.
- Scanning Embedded Systems In The Enterprise With Nessus - See our article on the topic of embedded device security and how you can use Nessus to audit the security of these devices.
- "Evil Maid" Attacks on Encrypted Hard Drives - Excellent article summarizing some of the attacks that could allow attackers to unlock your encrypted hard drive.
- Whitehouse Drupal and The Open Source Security Model - Great article by RSnake who makes a point about open source software, you can pen test it all day long without sending any packets to your target organization.
Tenable Events
- October 26-27 - Tenable will be at the Techno Forensics conference in githersburg, MD
- October 26-30 - 5th Annual IT Security Automation Conference in Baltimore, MD
- November 6-7 Dojocon
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
- Podcast