Clik here to view.
Tenable Issues Shellshock Detection Plugins, Wizard, Dashboard
As many of you know, a major vulnerability was discovered yesterday.
View ArticleClik here to view.
Integrating Vulnerability Data with an Identity Services Framework
With Tenable’s Nessus, security and compliance teams can audit and inventory devices and software to identify what is malicious, abnormal or out-of-compliance. However, do you ever need to pinpoint the...
View ArticleClik here to view.
Aftershocks
It has been less than a week since news of the Shellshock vulnerability emerged, and the dust hasn’t settled yet.
View ArticleClik here to view.
Hunting For Shellshock Using Nessus
The best way to test for the Shellshock vulnerability is to do a credentialed local check against the Unix/Linux distribution. Nessus contains a number of plugins that make sure the operating system is...
View ArticleClik here to view.
Recent Malaysian ATM Attacks Underscore Criticality of Continuous Monitoring
Recently, an unusual series of attacks occurred against ATM machines in Malaysia.
View ArticleClik here to view.
Strategies for Security Governance
In my last post, I gave some reasons why your board of directors and senior management need to be involved in your security efforts.
View ArticleClik here to view.
Threat and Vulnerability Management: The Podcast
In this October 13, 2014 podcast with Down the Security Rabbithole, Tenable CEO Ron Gula is interviewed by cohosts Rafal Los, James Jardine and Michael Santarcangelo on the subject of Threat and...
View ArticleClik here to view.
Bashing Big Data
Big data is everywhere. So is Bash, a command line interface found on most Linux and Unix machines. New Bash bugs are still being uncovered, with new patches coming out regularly. But hackers in the...
View ArticleClik here to view.
Black Hat Europe 2014
Black Hat Europe 2014, a premiere conference on information security, convened in Amsterdam this October. The Tenable EMEA team was there in full force, meeting customers and conversing with other...
View ArticleClik here to view.
Addressing the New Threat Landscape with Continuous Network Monitoring
Since the creation of tools like Nessus, the pioneering technology written by Renaud Deraison back in 1996, vulnerability management tools have helped users gain an incredible amount of insight into...
View ArticleClik here to view.
Nessus Leverages Cybersecurity Coalition Research to Detect a Major Threat Actor
In a pioneering cooperative effort, several industry security leaders, including Tenable, have been working on a project led by Novetta Solutions to investigate, report on, and take action against the...
View ArticleClik here to view.
Breaking Cyber Kill Chains®
The “cyber kill chain®”1 is a model for framing an incident response/analysis capability that was developed by Lockheed Martin
View ArticleClik here to view.
Identifying the Weakest Links in Cyber Kill Chains®
In today’s security environment, with highly motivated cyber attackers employing increasingly sophisticated techniques to break through commonly deployed defenses, just one skillful intruder can...
View ArticleClik here to view.
Blaming Victims
At a recent conference, I heard a security practitioner blame a couple of users for being dummies who click on everything. He then said, “At a certain point, it's reasonable to blame the user.
View ArticleClik here to view.
Old Malware Threats Re-emerge
This week, the industry press is reporting a resurgence of older malware threats with new capabilities. And as usual, the press is making the threats sound like the end of the Internet as we know it....
View ArticleClik here to view.
Is MS14-066 the Windows Shellshock?
The latest Patch Tuesday from Microsoft (November 11, 2014) includes fixes for some major vulnerabilities, including remote code execution bugs affecting core Windows components and Internet Explorer.
View ArticleClik here to view.
Why Periodic Security Scans Aren’t Good Enough in Today’s Threat Environment
In a recent post in Wired’s Innovation Insights blog, Ron Gula explains why continuous monitoring is needed as preventive healthcare to protect today’s IT landscape.
View ArticleClik here to view.
Why Be Normal? Especially if you Don’t Know What Normal is!
Continuing his blog series on SecurityWeek, Tenable’s Marcus Ranum discusses the challenges in presenting and comparing system metrics. Metrics should be normalized and placed in context for effective...
View ArticleClik here to view.
Nessus v6 is Now Available
Today Tenable has released Nessus v6 for download. This latest version helps reduce your attack surface by enforcing compliance and system hardening policies.
View ArticleClik here to view.
Is Cyber Insurance Your Last Line of Defense?
In a new article on BetaNews, Tenable’s Jeffrey Man discusses the viability of cybersecurity insurance for companies that experience payment card breaches. “Is cyber insurance your last line of...
View Article