Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Nessus HTML5 Interface is Generally Available!

Thank you for providing feedback on the Nessus HTML5 beta interface. The beta feedback period is now closed, and the Nessus HTML5 interface is generally available (GA) to Nessus ProfessionalFeed and Nessus Perimeter Service customers, as well as Nessus HomeFeed users. To access the Nessus HTML5 interface, visit https://nessusserver:8834/html5.html (replace “nessusserver” with the IP/hostname of your Nessus server).

Read More

Nessus Now Audits Juniper Junos Configuration

Keeping Your Routers and Firewalls in Check

Continuing with the theme of helping you secure and maintain your critical infrastructure (see our previous post: "New Nessus Compliance Checks Available for Check Point GAiA"), we are pleased to announce the availability of Juniper Junos compliance checks. Junos is the underlying operating system (OS) powering Juniper's routers, firewalls, and network switches.

Read More

New Nessus Compliance Checks Available for Check Point GAiA

Keeping Your Firewalls in Check

Ensuring that your network infrastructure, in particular your routers and firewalls, is secure and maintains its integrity is critical to successfully defending your network. If an attacker were to gain control of these types of systems, they could potentially impact the security of your network as a whole. For example, an attacker with access to your firewall could read the firewall rules and use the information to selectively attack open services and create backdoors that would slip through your firewall.

Read More

Using SSL to Secure Your Vulnerability Data

The Benefits of Proper SSL Configuration

Protecting your vulnerability data from unauthorized users, whether the threat comes from external attackers or malicious insiders, is an important part of a vulnerability management program. Nessus allows users to configure SSL to provide both privacy and authentication. SSL can be configured locally or integrated into your own PKI infrastructure, allowing Nessus to be compliant with in-house security policies and standards.

Read More

Nessus Scanning Windows 8 Hosts

Windows8

The new Windows 8 interface provides a very different user experience than past Microsoft operating systems. Nessus can enumerate and detect vulnerabilities on Windows 8 hosts.

Recently, Microsoft made several announcements surrounding new technology, including a new operating system (Windows 8) and a new tablet platform called "Surface." Windows 8 will present a new interface and several new changes under the hood. They're an offshoot of the new platform called Windows RT, a small, fast, and lightweight version designed to run on ARM-based tablets. In fact, this is much of the reason behind the concept of Windows 8 -- it’s meant to run on tablets and touch screens. Windows Phone 8 is the new OS for Windows-based phones, such as those from Nokia.

Read More

Uncovering SSL Anomalies In Your Network Using SecurityCenter

Looking in More than One Place

Nessus, PVS, and LCE offer several methods for auditing SSL protocol usage on your network(s). SSL is commonly used to secure websites, but also protects email, file sharing, and many other services. This post lists some generic SSL capabilities found in all Tenable products, and shows how you can combine them to generate useful reports and dashboards.

On the vulnerability identification side, Nessus uncovers many issues with SSL certificates, such as outdated certificates, unsigned certificates, and much more (see the screenshot below for more examples). SSL implementations shipped with appliances often use unsigned certificates, and rely on the administrator to install their own valid certificate. Without a properly signed certificate, man-in-the-middle attacks become considerably easier. If you’re an e-commerce shop, improper SSL implementations will also cause you to become non-compliant with PCI DSS standards.

SSLNessuplugins sm

A sample of Nessus plugins associated with identifying problems with SSL certificates. (Click for larger image)

Read More

#1 Nessus is an Enterprise Tool - Top Ten Things You Didn't Know About Nessus

The final installment in our "Top Ten Things You Didn't Know About Nessus" video series describes how Nessus is used in the enterprise. Additional products from Tenable, such as, SecurityCenter, the Passive Vulnerability Scanner (PVS), and the Log Correlation Engine (LCE), are used to fill the gaps and extend the functionality of your vulnerability management program.

The video covers how you can overcome problems such as:

Read More

Nessus Patch Management Integration Now Supports IBM Tivoli Endpoint Manager

Nessus and SecurityCenter now support Tivoli Endpoint Manager (TEM) as a patch management platform in which patch-level information can be extracted for given scan targets.

Nessus Patch Management Support

We are pleased to announce new support for IBM Tivoli Endpoint Manager (TEM) for Patch Management (formerly known as BigFix). This new capability allows us to use the information gathered by TEM from systems where we may not have credentials or we’re unable to reach such systems over the network. The TEM integration is configured similarly to our integration with other patch management solutions where credentials and the server IP address/hostname are provided so Nessus can retrieve the patch information for the hosts targeted in the scan.

In addition to TEM, Nessus and SecurityCenter also integrate with the following popular patch and system management solutions:

  • Microsoft Windows Server Update Services (WSUS)
  • Microsoft System Center Configuration Manager (SCCM) 2007
  • Red Hat Network Satellite Server
  • VMware Go (formerly known as Shavlik)

In order to make use of this feature, be certain you've configured TEM properly. Refer to this discussion post for more information and instructions.

Read More

Nessus HTML5 Interface Beta Available!

Until now, the Nessus interface has been using Flash, which has a number of advantages as a development platform, but also has a lot of drawbacks. One of the reasons we implemented a Flash interface for Nessus was that Flash "behaves the same on every browser" (which turns out is not always the case), and it was reasonably fast to run the client (it's now outperformed by the newest javascript engines). Flash also doesn't offer a good "mobile" user experience, if at all. So, it makes sense to use a standard-based technology, and we're moving to HTML5.

So we've released the HTML5 interface as a public beta -- the default Nessus interface will still be Flash for now, but if you connect to your scanner using a browser which doesn't have Flash installed, or if you go directly to the correct URL, you'll have the option to use the beta version of the HTML5 client.

The HTML5 beta interface is available immediately by accessing the URL https://localhost:8834/html5.html (where localhost is the IP address or domain name of your Nessus server). Simply make sure your Nessus plugins are up-to-date.

Read More

Auditing Open Ports on Windows Systems Using Nessus

Tenable recently released three new checks used for auditing the configurations of Windows systems. The new configuration auditing options allow users to audit open ports. This post provides details about the three new checks, and describes how Nessus users could use them to maintain tight control over the number of open ports on their Windows systems.

1. AUDIT_ALLOWED_OPEN_PORTS


This check allows users to audit the list of open ports against an "allowed" list of ports that can be open on a target. For example, let’s assume there is a company policy to only allow SMB ports 445 and 139 to be open on a target. The resulting configuration audit would look as follows:
&ltcustom_item&gt
type : AUDIT_ALLOWED_OPEN_PORTS
description : "Audit TCP Open Ports"
value_type : POLICY_PORTS
value_data : "445,139"
port_type : TCP
&lt/custom_item&gt
Read More

Tenable Inks Deal With In-Q-Tel

Tenable Network Security announced today it has established a strategic partnership and technology development agreement with In-Q-Tel. In-Q-Tel is the not-for-profit, strategic investment firm that works to identify, adapt, and deliver innovative technology solutions to support the missions of the U.S. Intelligence Community. Under the terms of the agreement, Tenable will develop secure audit and remediation capabilities that will assist intelligence agencies in continuously outpacing emerging cyber threats.

Read More

Default Credentials: Low-hanging Fruit in the Enterprise

Passwords are Like Underwear, and It's Laundry Day

Perhaps one of the most easily overlooked security problems in the industry is password security. I'm not referring to the stored end-user password problems (discussed here), but the default (or weak) usernames and password combinations used to protect common administrative interfaces to applications and systems.

The problem stares us in the face every day, each time we log into a router, database management system, or remote access console and enter a password. Often we put a lot of time and effort into securing the end user-facing passwords, such as implementing account lockout password policies and forcing them to change their passwords at a regular interval. I find it ironic that the applications and devices used to run the organization often do not implement the same controls. Hundreds of applications and/or devices are known to be deployed with default passwords, and if not changed before or immediately after they are plugged into the network, can present serious risk to the organization.

Lowhangingfruit

Default credentials are considered "low-hanging fruit" for two reasons. First, they are easily exploitable by an attacker and can often lead to a serious security breach. Second, once you've identified the problem, it is easy to fix by setting a more secure password.

Read More

0-Day Java Vulnerabilities and Dealing with Vulnerable Client Software

0-day or Not, Clients Are Vulnerable

Whenever there is a new vulnerability in popular software found on users’ desktops, such as Java, Adobe Reader, Adobe Flash, or Mozilla Firefox, the media goes into a frenzy and a lot of articles are published on the topic (often not containing much useful information). The most recent case is a particularly nasty vulnerability affecting Oracle Java, which can be successfully exploited on Windows, OS X, and Linux. While this vulnerability is generating buzz, it’s not all that different from any other popular software in use on users’ desktops that contains a vulnerability. Additionally, there is likely a population of exploits for such software that has yet to be disclosed and is being bought and sold on the black market. In fact, journalist Brian Krebs interviewed the creator of the Blackhole exploit kit who stated, "he was surprised that someone would just leak such a reliable exploit, which he said would fetch at least $100,000 if sold privately in the criminal underground."

Furthermore, it has been known for some time that a Java applet can be used to trick clients into running a malicious payload. Functionality within the Social Engineering Toolkit (SET) allows you to construct a fake website and distribute such a payload. The difference is that the user will have to click "Allow" for this action to occur. While this will decrease the success rate of malware deployment using this method, it will work on Windows, OS X, and Linux.

Read More

Nessus - The Swiss Army Knife of Vulnerability Scanning

Useful Tools

Nessus has provided organizations with a wide variety of techniques for identifying vulnerabilities in your IT infrastructure. The foundation has long been proven, as Nessus will accurately identify vulnerabilities across the network, using credentials to gather patch level and other information, and assist with system hardening by performing compliance checks.

IStock 000009153291XSmall

However, in recent years there have been significant improvements made to both the Nessus scanning engine and its feature set. Of course, over time Nessus has been able to consistently shave the time it takes to remotely scan systems and networks. In addition, Nessus has added support for threading and 64-bit platforms, and improved memory management. Alongside the continuous stream of performance improvements, we've introduced many new tools for the end user.

View the top 5 major new tools, in no particular order, that are now included with Nessus and SecurityCenter.

Read More

Tenable Receives Highest Rating of "Strong Positive" in Gartner Vulnerability Assessment MarketScope Report

Late yesterday, Tenable announced SecurityCenter™ received a "Strong Positive" rating in Gartner's 2012 MarketScope for Vulnerability Assessment. The report provides guidance to security professionals evaluating options for vulnerability assessment. Gartner rates vendors based on evaluation criteria including market responsiveness and track record; product offering strategy; product functions such as base scanning methods, scope of vulnerability assessment, workflow and remediation support, and reporting capabilities; viability; and customer experience.

Read More

Tenable Releases SecurityCenter Continuous View

Today, Tenable announced the availability of a new edition of SecurityCenter, called Continuous View.

This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.

The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.

Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:

  • Real-time identification of server and client vulnerabilities
  • Identification of mobile devices and their vulnerabilities
  • Passive discovery of all internal and external web servers and databases
  • Identification of trust and communication paths
  • Passive monitoring of virtual environments
Read More

Detecting Mobile Device Vulnerabilities Using Nessus

The Mobile Device Threat

Without question the security of mobile devices is on the minds of almost every IT department. The average mobile worker carries 3.5 mobile devices at all times, a number that has doubled within the past three years and will likely continue to grow. The problem most organizations face is the workforce uses mobile devices, whether owned by your organization or not, to access company resources. This presents several problems, including not knowing who is using which device, if the devices have the latest software updates, or if device has been tampered with (i.e., jailbroken).

Getting a Handle on Mobile Device Security

Nessus has implemented new features to help users combat mobile threats. Network-based scanning is not the right approach to identify vulnerabilities on mobile devices, due in large part to the fact that most devices are in "sleep" mode and/or using a 3G/4G network. However, MDM (Mobile Device Management) technologies maintain information about the devices, including information about security vulnerabilities.

To learn more about detecting mobile device vulnerabilities with Nessus you can view a video tutorial on our YouTube channel:

The new "Mobile" tab in Nessus allows Nessus ProfessionalFeed customers to enter credentials for either (or both) Apple Profile Manager or Microsoft's ActiveSync. Nessus then uses the credentials to gather information about the type of device, who is using it, and mobile device vulnerabilities.

Read More

If a Security Control Falls in the Forest...

Many guidelines and compliance standards state that in order to be "secure" or "compliant" all of your systems must be patched. Turns out that this is easier said than done. Just when you believe your systems to be patched, something fails and patches seemingly disappear. We can then apply the "falling off" principal to several other areas of information technology, such as web applications, configuration management, and antivirus software. How do security controls in these areas fall off? Read about how this might happen and what you can do to help correct the problems.



Read More

A Look Inside the Ransomware Ecosystem

Download the Report >

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.