Tenable Network Security Podcast Episode 191 - "The Top 10 PVS Questions Answered"
Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.
Announcements
- We're hiring! - Visit the Tenable website for more information about open positions.
- Check out our video channel on YouTube which contains new Nessus, PVS, and SecurityCenter tutorials.
- Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics, and more!
- Want to ask questions about Nessus, PVS, SecurityCenter, and LCE, and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
- You can subscribe to the Tenable Network Security Podcast on iTunes!
Discussion & Highlighted Plugins
- What is the Passive Vulnerability Scanner (PVS) and what does it do?
- How is PVS different from an IDS?
- How does PVS keep track of sessions and discover applications?
- What are some examples of PVS detecting vulnerable client software?
- How can PVS help detect instances of virtualization in your environment?
- How can PVS be used to detect vulnerabilities in SCADA devices, and why is this important?
- What are some examples of PVS detecting applications?
- How much traffic can PVS handle?
- How can you set up and configure PVS to monitor the wireless network and detect vulnerabilities in smartphones and tablets?
- Does PVS support IPv6?
Nessus plugin topics:
- Nessus now has the ability to upload a custom list of hashes for whitelisting processes and the ability to identify new processes previously not seen.
- We've also added into Nessus the ability to set the number of days your anti-virus software is out of date before generating an alert.
Nessus
- Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers (cisco-sa-20131030-asr1000)
- Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability (cisco-sa-20131106-sip)
- Adobe ColdFusion Multiple Vulnerabilities (APSB13-27) (credentialed check)
- SeaMonkey < 2.22.1 NSS and NSPR Multiple Vulnerabilities
- Oracle JavaServer Faces Multiple Partial Directory Traversals
Passive Vulnerability Scanner
- OpenSSH v6.2 / v6.3 Remote Memory Corruption Vulnerability
- OpenSSH 6.2 / 6.3 Remote Memory Corruption Vulnerability
SecurityCenter Apps
Dashboards
Report Templates
Security News Stories
- ACG Maryland - 2013 Deal of the Year Finalist - Tenable Network Security & Accel Partners
- Risky Business Podcast #304 -- Tech heavyweights target NSA
- Why Ben Franklin would have excelled in cyber security
- Tenable Network Security Named a Deloitte 2013 Technology Fast 500 Award Winner
- Linux backdoor squirts code into SSH to keep its badness buried | The Register
- Hacking of forum software firm vBulletin spawns host of zero-day attacks | The Inquirer
- Netflixers Beware: Angler Exploit Kit Targets Silverlight Vulnerability
- Adobe credentials and the serious insecurity of password hints | Troy Hunt
- Tavis Ormandy: QNX
- w00tsec: Unpacking Firmware Images from Cable Modems
Related Articles
Do You Think You Have No AI Exposures? Think Again
August 6, 2024As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using Tenable’s products.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
OT:ICEFALL Research from Forescout Explores Insecure-by-Design State of Operational Technology
June 23, 2022The latest research from Forescout’s Vedere Labs explores the state of risk management in operational technology through the lens of 56 insecure-by-design vulnerabilities.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Nessus Network Monitor
- Podcast