SC Magazine Awards Time
October 15, 2007It's time once again to vote for your favorite security companies and products with SC Magazine.Tenable has submitted the Nessus 3 Vulnerability Scanner for the 'Best Audit/Vulnerability Assessment' ...
Being the Caveman - Tenable Style
October 10, 2007After reading Richard Bejtlich's "Be the Caveman" blog post about the convicted hacker Robert Moore, I felt it would be interesting to show how unifying vulnerability monitoring, configurati...
SANS Technology Institute - Interview with Tenable's Director of Sales Engineering
October 9, 2007Dave Breslin, Tenable's Director of Sales Engineering, was recently interviewed by Stephen Northcutt, President of the SANS Technology Institute, about recent advances in network security and describe...
Log Correlation Engine 2.0.3 Released
October 8, 2007Tenable has recently released version 2.0.3 of the Log Correlation Engine (LCE). This blog entry will highlight the new features as well as recent enhancements to the log parsing rule sets and the eve...
Plaintext HTTP Authentication Detection
October 4, 2007Tenable's research group recently added checks to both Nessus and the Passive Vulnerability Scanner to detect HTTP authentication which occurs over plain-text. This blog entry will discuss why this is...
Why Aren't Any NAC vendors CIS Certified or speaking XCCDF?
September 27, 2007I was asked this question by a customer of ours at the recent NIST SCAP conference and I'm loosely paraphrasing: "We use Nessus and the Security Center to audit 1000s of workstations and lapt...
Everything You Ever Wanted to Know about 15,385 Nessus Plugins
September 26, 2007Tenable provides a wide variety of information on our vulnerability plugins to the public. This includes RSS feeds, a plugin writer mailing list and an on-line search portal. By visiting the plugins s...
Using Nessus Configuration Audits To Test FDCC Compliance
September 25, 2007Tenable has recently announced FDCC audit policies for Nessus ProfessionalFeed and Security Center users. These policies help government organizations test Windows XP Pro and Vista desktops against OM...
Digital Bond OPC Hardening Guide
September 21, 2007If you are using Nessus to audit a control system network, Digital Bond has recently released a set of guidelines (part 1, 2 and 3) for securing OPC servers. These guidelines include three Nessus conf...
Active and Passive TOR Detection
September 19, 2007Tenable's research group has recently released several updated plugins for both the Nessus scanner and Passive Vulnerability Scanner to detect Tor in operation and waiting for connections. Tor is a ...
Creating Packet Traces of Nessus Scans
September 10, 2007Nessus 3 UNIX scanners have the ability to save all of their generated packets as a convenient libpcap compatible file. This means you can save your scans and view them under applications such as TCPD...
Unified Security Monitoring
September 6, 2007Tenable has launched our Unified Security Monitoring (USM) concept. There is a new white paper available which details how event monitoring, vulnerability analysis and configuration auditing can all b...