Outstanding Patch Tracking Dashboard
February 7, 2017Editor's note: Our dashboards have been updated in the time since this blog was originally published. Please see this page for the latest guidance on Outstanding Remediation Tracking. The IT Operat...
Threat Hunting with YARA and Nessus
July 20, 2016In Nessus 6.7, file system scanning functionality was introduced that could look for specific file hashes of files on disk. This was in addition to the running process detection which has been support...
Installing and Using Nessus on Kali Linux
July 10, 2014Note: These 2014 instructions are for installing Nessus version 5 on Kali Linux. Please see the newer blog, Getting Started with Nessus on Kali Linux, for information on installing Nessus version 6 an...
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
The Big Red Button and the Kill Switch
April 25, 2013I have no idea if I had a role in the "Internet Kill Switch" debacle, but it's possible that I was one of the pushes that got that particularly horrible ball rolling. Back in 2002, when I was between ...
Recap: Geeking Out II with Marcus
April 15, 2013Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
Tenable Network Security Podcast Episode 163 - "Bind Vulnerability, Windows Hardening"
April 2, 2013Announcements We're hiring! - Visit the Tenable website for more information about open positions. Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials. ...
Using Nessus to Audit Microsoft SharePoint 2010 Configurations
January 23, 2013Trust, but Verify Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit Microsoft SharePoint server configurations. The audit policy uses both operating system ...
Tenable Network Security Podcast Episode 145 - "Source Code Leaks, Problems with Computer Security"
November 8, 2012<h3>Announcements</h3> <ul> <li><a href="http://www.tenable.com/careers/">We're hiring</a>! - Visit the Tenable website for more information about open positions.</li> <li>Check out <a href="http://www.youtube.com/tenablesecurity">our video channel on YouTube</a> which contains new Nessus and SecurityCenter 4 tutorials.</li> <li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make product and company announcements, provide Nessus plugin statistics, and more!</li> <li>Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join <a href="https://discussions.nessus.org">Tenable's Discussion Forum</a> for custom scripts, announcements, and more!</li> <li>You can subscribe to the <a href="http://itunes.apple.com/us/podcast/tenable-network-security-podcast/id361250581">Tenable Network Security Podcast on iTunes</a>!</li></ul> <h3>New & Notable Plugins</h3> <h4>Nessus</h4> <ul> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62757">ZABBIX Web Interface popup_bitem.php itemid Parameter SQL Injection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62776">Temenos T24 Detection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62783">ManageEngine OpStor Default Administrator Credentials</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62784">ManageEngine OpStor availability730.do days Parameter XSS</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62785">ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62795">CoDeSys PLC Runtime Service Detection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62796">CoDeSys Authentication Bypass Directory Traversal</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62797">CoDeSys Unauthenticated Command-line Access</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62798">Oracle VM VirtualBox 3.x / 4.0.x < 4.0.10 Local Integer Overflows</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62800">Kaspersky Password Manager 5.x < 5.0.0.169 HTML Injection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62801">Mac OS X : OS X Server < 2.1.1 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62802">Mac OS X : Safari < 6.0.2 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62803">Apple iOS < 6.0.1 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62812">CA ARCserve Backup Multiple Vulnerabilities (CA20121018) (credentialed check)</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62813">Symphony CMS Password Retrieval Script XSS</a></li> </ul>
Tenable Releases SecurityCenter Continuous View
August 9, 2012<p>Today, Tenable <a href="http://www.tenable.com/news-events/press-releases/2012-tenable-network-security-unveils-securitycenter-continuous-view" target="_self" title="Tenable Network Security Unveils SecurityCenter Continuous View">announced </a>the availability of a new edition of SecurityCenter, called Continuous View.</p> <p>This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.</p> <p>The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.</p> <p>Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:</p> <ul> <li>Real-time identification of server and client vulnerabilities </li> <li>Identification of mobile devices and their vulnerabilities </li> <li>Passive discovery of all internal and external web servers and databases </li> <li>Identification of trust and communication paths </li> <li>Passive monitoring of virtual environments </li> </ul>