Tenable Network Security Podcast - Episode 49

Welcome to the Tenable Network Security Podcast - Episode 49

Announcements

• Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as a Nessus overview and future plans, the advantages of pairing active and passive scanning, an overview and discussion of current security strategies and new industry trends, the past, present and future of regulatory compliance, and a Tenable Network Security product/solutions overview.
• Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials.
• We're hiring! - Visit the web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Interview: Tenable Security Researcher Dennis Brown

In this interview Dennis and Paul discuss:

• New PVS rules to detect database queries
• TASL script that looks for common SQL detection such as Basic SQL Injection Attacks, Logging Data to a File, User/Password Dumps, Detect Locally Executed Commands
• Why the passive monitoring approach is different from what is commonly seen with WAFs and the like

Related discussion forum posts:

• PVS 3.2 SQL Query Detection (April 2010)
• Auditing SQL with PVS and LCE (May 2010)
• Monitoring Suspicious SQL with PVS and LCE (May 2010)

Dennis and Paul also discuss the new Fast Flux detection TASL. More information about this script can be found in the discussion forum posting titled: Fast Flux Network Detection with LCE