Tenable Network Security Podcast - Episode 94
Hosts:
- Paul Asadoorian, Product Evangelist
- Jack Daniel, Product Manager
- Carlos Perez, Lead Vulnerability Researcher
Announcements
- Several new blog posts have been published this week, including:
- Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. The latest video is titled "Top Ten Things You Didn't Know About Nessus #10".
- We're hiring! - Visit the Tenable web site for more information about open positions.
- You can subscribe to the Tenable Network Security Podcast on iTunes!
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics and more!
Stories
- One Third Of Security Pros Not Practicing What They Preach - "Survey shows security pros breaking security policies for convenience, and overall difficulty in making major changes to security technologies and strategies" - An interview with our very own Ron Gula.
- "TaoSecurity Security Effectiveness Model" - A good reminder that we should consider the motivations of attackers when planning your defenses.
- "Details of the RSA Hack" - Turns out it was an email to HR applying for a job. I can't tell you how many times this has been successful on penetration test.
- "Morto Windows Worm spreading via RDP Remote Desktop Connections" - A password brute-forcing worm is being successful, this should not be the case!
- "Tenable Ranks 17th Among Security Companies on Inc. 5000" - Hey wait, that's us!
- "Malicious infections enter 99% of enterprise networks" - I remember ten years ago consulting with organizations on security. I would tell them that if systems on their network had "spyware", they were in fact compromised. It seems we have not learned from the past, and still overlook malware on the desktops as a primary threat.
- "Digital Certificate Authority Hacked - While its bad when this happens, the important defensive measure it to discover it as quickly as possible and revoke certificates and update CA lists.
- "Digital Hit Men for Hire Krebs on Security" - I love stories such as this that provide insight into the world of "cyber crime".
- The Urban Legend of Multipass Hard Disk Overwrite - I re-write 20,000,000 times, then I break out the sledge hammer, is that overkill?
- Universities Account for a Higher Number of Breaches - Having worked in this space, and commented on University security a lot, I'm curious to hear from others on the show.
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Securing Financial Data in the Cloud: How Tenable Can Help
November 4, 2024Preventing data loss, complying with regulations, automating workflows and managing access are four key challenges facing financial institutions. Learn how Tenable can help.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
- Podcast