Tenable Network Security Podcast - Episode 13

Welcome to the Tenable Network Security Podcast - Episode 13

Announcements

• A new video has been released that covers how to use Nessus 4.2, the latest version of Tenable's Nessus vulnerability scanner.
• Tenable Network Security's CEO, Ron Gula, is featured in SC Magazine as one the entrepreneurial visionaries who have launched successful IT security companies in the last 20 years.
• We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions! We also have a new Facebook Group called Tenable Security Is Hiring where you can go to get more information about open positions (Requires Facebook account to view)
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!
• Tenable is pleased to announce the release of the Log Correlation Engine version 3.4. This release has many new enhancements and features, plus some new functionality such as IDS correlation from various sources and new options in the LCE clients to monitor file integrity. For more information on new features in this release, please see the LCE 3.4 Release Notes. Tenable CEO Ron Gula and I had a chat about the features in this new release.

Interview: Marcus Ranum - CSO, Tenable Network Security

Marcus Ranum hacking up computers and challenging us to think differently about security..

Marcus Ranum always brings fresh and new ideas to the table (even if they are old and crusty, he manages to bring them back to life). In this interview we talk about how to sell security to upper management, the origin of the term "script kiddie", and how one nail can be the downfall of the Internet.

Stories

• New 0Day Flaw in Internet Explorer - A zero day exploit has ben released for IE versions 6 and 7 and is reported to run on Windows XP SP3 systems. According to the article, "If the software does pop up in online attacks, it will put pressure on Microsoft to rush out an emergency patch, ahead of its regularly scheduled Dec. 8 security update. ". I don't think that waiting until attackers are using the this exploit so heavily that it starts to show up on our radar screens in the best approach. For home or personal users of IE, they need the patch right away as attackers are likely already using it.
• Firms fail to secure mobile, cloud data, teamwork fail - A recent study highlights some of my own experiences working in IT and computer security. First, they found that companies are unwilling to provide IT the appropriate resources to security mobile computing. Everyone gets an iPhone! That sounds great, but what happens when company data is leaking like a faucet from them? Furthermore, if this happened, how would you know? This quote is classic: ""The (survey) provides still more evidence that companies are racing to adopt new technologies faster than they can understand their impacts on data security and develop effective use and integration policies," Larry Ponemon, chairman and founder of the Ponemon Institute. Ah so true, we tend to be users and consumers of technology, but ignore the risk factors in favor of the "cool" factor. The next point is scary: "The separation between security and operation also caused problems for network defenders. The information-security groups in nearly a third of companies fail to collaborate with their operational counterparts, the survey found."I've worked with network teams, with varying degrees of success, however I never underestimated the importance. You have to work with the IT department in your organization, they are your friends and you need to be there friends. Take them out for drinks, buy donuts on Fridays, whatever you need to do, the folks in IT are a huge part of your organization's security strategy.
• New Plugin: 42862 PHP < 5.3.1 Multiple Vulnerabilities - A new plugin has been released to detect older versions of PHP. The new software released fixes several bugs and vulnerabilities, including safe mode and "open_basedir bypasses.