Nessus Leverages Threat Intelligence from ThreatGRID
Tenable released a new Nessus® plugin – Microsoft Windows Known Bad AutoRuns (Plugin id 74442), which detects the presence of advanced malware on endpoints based on threat intelligence from ThreatGRID. The threat intelligence includes Scheduled Tasks, AutoRuns, and other Windows Registry entries that Nessus® collects while scanning endpoints and cross-references with data from the ThreatGRID feed.
Global Threat Intelligence
ThreatGRID combines advanced malware analysis with deep threat analytics and content to empower security teams to proactively defend against attacks and malware outbreaks. ThreatGRID analyzes millions of malware samples a month, harvested globally and generating terabytes of rich, actionable content every day, to provide customers unmatched scale and coverage from global threats.
Advanced Malware Detection Using Tenable Nessus® and ThreatGRID
This joint solution provides the following customer benefits.
Ability to Detect Persistent Malware
This solution allows customers to find systems that have been infected by malware, even when the malware is dormant (not running) during the time of audit.
Improved Quality of Malware Detection
Customers gain continuous real-time threat intelligence enriched by global and historical context. Nessus leverages this threat feed to improve the quality of detection of new forms of malware, beyond file signature hashes.
Conclusion
The addition of global threat intelligence from ThreatGRID gives the Tenable Network Security Products detections of malicious software that has not been classified or identified by traditional anti-malware solutions. The fact that this feed is updated frequently allows us to improve zero-day malware detection across all endpoints in a customer’s enterprise without updating any software on every endpoint. By including this additional data we are confident in providing network security staff increased security and comfort knowing that if anything slips past their dedicated anti-malware solution, they have a quality service providing a double check.
Related Articles
Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets, as Online Criminals Ramp Up AI Use in the EU
July 26, 2024Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that healthcare leaders have about generative AI. And a poll on water plant cybersecurity. And much more!
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
May 16, 2024Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
Shifting the Paradigm: Why the Cyber Insurance Industry Should Focus on Preventive Security
May 13, 2024As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Malware
- Nessus
- Plugins
- Threat Intelligence