Tenable Network Security Podcast 110
Welcome to the Tenable Network Security Podcast Episode 110
Hosts
- Paul Asadoorian, Product Evangelist
- Carlos Perez, Lead Vulnerability Researcher
- Ron Gula, CEO/CTO
- Jack Daniel, Product Manager
Announcements
- Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. We recently added a 38-minute tutorial of Nessus, covering most of the basic features.
- We're hiring! - Visit the Tenable website for more information about open positions.
- You can subscribe to the Tenable Network Security Podcast on iTunes!
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
- PVS 3.6.0 for Linux now Available - Added the "Strip VLAN tags" setting to ignore the VLAN header, Nessus V2 report output format support, Deprecated the "failure-threshold" configuration setting, Improved stability when parsing PASL scripts, New license format (Requires a new license)
New & Notable plugins
- Use Nessus to find XSS and HTML Injection Vulnerabilities in your Cacti servers 0.8.7g
- Use Nessus to detect when SMB signing is disabled on your Windows hosts
- Detect vulnerabilities in Oracle databases from the January 2012 critical patch update with Nessus
- Detect the latest PHP denial of service vulnerability (CVE-2011-4566, CVE-2011-4885) with PVS
Interview: Dale Peterson of Digital Bond
Dale is an internationally-renowned SCADA security technologist and is responsible for a large amount of the available technical SCADA security content. In addition to his widely read SCADA security blog, Dale has written two Protection Profiles for NIST’s PCSRF, many whitepapers, magazine articles and presentations.
- What is S4 and how did the conference go this year?
- What were some of your favorite talks from S4 this year?
- Vendors in the SCADA industry come under heavy fire from several in the security community. What can we do to help improve this siutation?
- Have industrial systems gotten more resilient over time? For example, are they able to be scanned across the network or are local checks still preferred?
- Recenty our respective research teams worked on creating several new Nessus and PVS plugins for several SCADA vulnerabilities. What are some of the vendors and products that have been added?
- What is Project Basecamp?
- Tell us about some of the other projects at Digital Bond, such as SCADApedia, Bandolier, Portaledge, and Quickdraw SCADA IDS
Stories
- Hacking critical infrastructure systems now as easy as pushing a button?
- Quantum physics enables perfectly secure cloud computing
- ‘Citadel’ Trojan Touts Trouble-Ticket System
- Mozilla pushes browser-based alternative to passwords
- Security Manager's Journal: You can't secure every employee's home
Download Tenable Network Security Podcast 110 (mp3)
Related Articles
Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Podcast