Tenable Network Security Podcast Episode 196 - "Endpoint Pro"

Welcome to the Tenable Network Security Podcast Episode 196

Announcements

Discussion & Highlighted Plugins

  • Endpoint Protection - New vulnerabilities have been remediated in the Symantec Endpoint Protection product. What many may not know is that this product does whitelisting. What are your thoughts on whitelisting, how can it help and is it feasible in some or many environments?
  • Sonos, Smart TV, Playstations - Many will state that these such devices "are not on my network." But how do you know unless you look? How common are home and SOHO products on enterprise networks? What risks do they pose?
  • Defining Critical - Last week we talked about critical vulnerabilities. This week, I want to turn the focus to critical log events. SANS published the "SANS 6 Categories of Critical Log Information" -- is this applicable to most organizations? Is one person's log data going to have different forms of "critical"? Or, are there categories that we can all share in common, and how many custom categories should you create?

Nessus

General

Passive Vulnerability Scanner

SecurityCenter Apps

Dashboards

Reports

Security News Stories

  1. SANS 6 Categories of Critical Log Information
  2. No sixth sense: '123456' is worst password of 2013 | Crave - CNET
  3. Snapchat's new verification already hacked | Security & Privacy - CNET News
  4. Linksys & Netgear Backdoor by the Numbers | Skizzle Sec
  5. Metasploit: Making Your Printer Say "Feed Me a ... | SecurityStreet
  6. How I bypassed 3rd-degree profiles in LinkedIn
  7. SI6 Networks
  8. Apple punts patches for holes in Pages and OS X, Windows iTunes
  9. Michaels Data Breach Under Investigation
  10. Punish careless employees to reduce security breaches, vendor says
  11. Authentication bypass bug exposes Foscam webcams to unauthorized access