Tenable Network Security Podcast - Episode 10

Welcome to the Tenable Network Security Podcast - Episode 10

Announcements

• New blog post "Defeating Zombies: Five Ways To Improve Defenses"
• Tenable placed 270th on the Deloitte Fast 500 2009 list, Nessus was awarded a Silver "Reader's Choice" award from Information Security Magazine, and another "Reader's Choice" award from WindowsSecurity.com
• We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions! We also have a new Facebook Group called Tenable Security Is Hiring where you can go to get more information about open positions (Requires Facebook account to view)
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!

Interview: Jason Holcomb - SCADA Security

Jason Holcomb - Digital Bond

Jason Holcomb is a key contributor to Digital Bond's control system security research and consulting practice with a lead role in asset owner security assessment services. He is also the technical lead for Bandolier, a Digital Bond research project for the US Department of Energy. In this role, he is working with vendors and asset owners to identify optimal security configurations for control system applications. As a result of Mr. Holcomb's work with Bandolier, thousands of security settings buried in the applications and operating systems are now--for the first time ever--catalogued and measurable using the Bandolier security audit files.

Stories

• Better Security For All - This is an interesting account of a security professionals journey to getting all of the machines in the Windows domain to adhere to an logout timer setting. They queried the machines on the network and found that 70% of their users had disabled the logout timer all together. However, they found that 1500 machines had been changed such that they would log out after 10 minutes, when the policy was going into effect that would change it to 15 minutes for all computers, and not give the end user the option to change it. You should be considering applying this policy in your domain as well, even if the other peers in your industry are not. I've always been skeptical when a manager asks me, "well, what is everyone else doing?". It goes back to my credo that you need to be in charge of risk management and security in your environment and make sure it reflects your bottom line, not someone else's.
• Windows 7 Forensics - Great post from Rob Lee over at the SANS Institute that covers some of the changes in Windows 7 and how they effect forensics, and specifically the browser configuration/history, and roaming profiles.
• Auditing Approved Services with Nessus Policy Compliance and WMI - A great post from Jason (interviewed on this episode!) on how to use Nessus audit files to be certain that only approved services are running (He uses WMI, go Jason!).
• Don't Be The Smelly Kid - This is a great little post that compares security to good hygiene, as in something you are never completely done with, but that has to be done on a regular basis. So don't be the smelly kid!
• Nessus Plugin For Firefox Released - Vulnerabilities in the browser can be deadly as malicious code can hide on just about any web page, its important to update your browser and query your environment to be certain all your users are up-to-date as well. Nessus plugin 42306 will check that Firefox is on the latest, 3.5.4, version.

Tenable Events

• 2009 OWASP Application Security Conference in Washington, DC at the Walter E. Washington Convention Center on November 10-13th, 2009
• October 26-30 - 5th Annual IT Security Automation Conference in Baltimore, MD
• November 6-7 Dojocon