Tenable Network Security Podcast Episode 181 - "SecurityCenter 4.7 Released, PHP Vulnerabilities"

by Paul Asadoorian
August 29, 2013

Welcome to the Tenable Network Security Podcast Episode 181

Announcements

Discussion & Highlighted Plugins

New Release: SecurityCenter 4.7

  • A new version of SecurityCenter has been released this week.

Measuring What Matters

  • I read an interesting post this week about security metrics. It was a little story about how the person responsible for security gave a quarterly presentation to management. It didn't contain much in the way of metrics, but offered up an entertaining look at the threats, defenses, and general happenings surrounding security. After the presentation, he had support for budget, but purposely left out metrics, claiming they could hurt the security budget. What are appropriate metrics? How can they help or hurt you?

More PHP Vulnerabilities

  • Both Nessus and the Passive Vulnerability Scanner (PVS) got updated this week for detecting vulnerabilities in PHP itself. One of the world's most widely deployed web server technologies, now with more patches to apply. Not only are there concerns about the applications being built on the platform, but also the platform itself. What can users do to protect themselves from being yet another PHP vulnerability?

New & Notable Plugins

Nessus

Passive Vulnerability Scanner

Security News Stories

  1. Getting over the fear of measuring what matters
  2. Installing Printers with PowerShell
  3. Security Researcher Hacks Mark Zuckerberg's Wall To Prove His Exploit Works | TechCrunch
  4. Fibre Channel Reconnaissance - Reloaded | ISC Diary
  5. LinEnum - Scripted Linux Enumeration & Privilege Escalation Checks
  6. levle/rdesktop-fuzzer | GitHub
  7. Nearly One-Fifth Of Enterprise Operating Systems Not Fully Patched
  8. Hackers may cash in when XP is retired

Tenable Network Security offers both live and pre-recorded webinars on a wide variety of topics ranging from industry best practices, to product tours, to cyber threats, and more. Review our webinar archive, and check back often for upcoming live webinars.