Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Network Security Podcast Episode 175 - "Modifying Vulnerability Scan Results Post Scan, Old Vulnerabilities"

Announcements

Discussion & Highlighted Plugins

Modifying Vulnerability Scan Results Post Scan

Old Vulnerabilities

  • A new SecurityCenter dashboard was released which allows you to view vulnerabilities older than 30 days. While this can help enforce your patching policies, it's typically the older vulnerabilities that could have the most impact. Often, it takes some time to be able to exploit a vulnerability reliably. Have you looked at vulnerabilities older than a year? How about two years? This query can also help identify machines that have fallen out of the patching process, and it's these systems that can often pose the most risk to security breaches.

Detecting Devices

  • While much of the focus in IT is getting Windows systems and major applications patched, this leaves the smaller things vulnerable. Several new plugins for PVS were added allowing you to detect different types of devices. What's the risk? A great example is a multi-function printer. Most folks don't pay much attention, however, people are faxing/scanning/printing sensitive documents all the time. Some devices keep a record of everything going through the device, and with open shares and default password rampant on these systems, it can lead to data leakage.

New & Notable Plugins

Nessus

Passive Vulnerability Scanner

SecurityCenter Dashboards and Report Templates

Security News Stories

  1. Incomplete Thought: In-Line Security Devices & the Fallacies Of Block Mode
  2. Microsoft pulls security update over software conflicts
  3. Surrendering The Endpoint
  4. With BlackBerry reportedly hacked, is anything secure?
  5. NSA hacking Chinese: it's self defense
  6. Opera network cracked

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.