Blog

Understanding NIST’s Cybersecurity Framework

by Cris Thomas
April 8, 2014

NIST’s Cybersecurity Framework (CSF) is likely to become the basis for what's considered commercially reasonable in regards to securing an organization’s infrastructure. For this reason alone companies should pay close attention to the CSF and, even if they don’t follow it completely, should at least understand where they are deficient and why.

PVS 4.0.2 is now available for download

by Sherry Quinn
April 2, 2014

This maintenance release addresses the following issues:

  • An expired PVS license or activation code sends the user to the Quick-Setup wizard to allow entry of the new license
  • Hosts with Internet facing vulnerabilities were missing the “External Access” tag
  • Filtering issue on the “Affected Host List” was fixed
  • Dependency issue causing some false positives was fixed
  • Improvements were also made including:

    True White-Knuckled Stories of Metrics in Action: Sylvan

    by Marcus J. Ranum
    April 2, 2014

    In this blog series on SecurityWeek, Tenable CSO Marcus Ranum advises security professionals on how they can create and share metrics in their jobs. These metrics can create better understanding and awareness about the success of their approaches, as well as allow them to build support for programs and funding requests.

    When you start your metrics program, you will find that a great deal of information can be gleaned from existing data that gets stored in various places....

    “Who better to target than the person that already has the ‘keys to the kingdom’?”

    by Ron Gula
    March 26, 2014

    In the continuing list of NSA disclosures, it was recently revealed that administrators on target networks were hacked through their Facebook accounts. The leaked NSA document actually stated “Who better to target than the person that already has the ‘keys to the kingdom’?” from which we drew the title for this blog.

    Malware’s Journey from Hobby to Profit-Driven Attacks

    by Ken Bechtel
    March 24, 2014

    While most of my posts focus on malware attacking systems today, the history of malware is a fascinating topic that provides insights into the current landscape. As one of the authors of the Avien Malware Defense Guide, I contributed to the book's chapter on history and will be leveraging and expanding on some of that content here to give context to where we are today.

    Pages