Tenable Network Security Podcast - Episode 2

Welcome to the Tenable Network Security Podcast - Episode 2

Announcements

  • New videos on finding Rogue access points and discovering the latest IIS 5 FTP vulnerability uploaded http://tenablesecurity.blip.tv
  • The Tenable appliance was announced, featuring immediate support for Nessus & Security Center, and future support for PVS and LCE
  • As always be sure to check out our blog at http://blog.tenablesecurity.com

Interview: Marcus Ranum on Zero Day Exploits: Defending Your Network

  • If you are speaking to the security professionals responsible for network security, what can you tell them about "0day" exploits that is helpful?
  • Does the media over-hype so-called "0Day" exploits?
  • Why is that remote exploits garner so much attention, I mean XSS vulnerabilities are found everyday and no one seems to notice, yet find a juicy exploit in a commonly exposed network service and everyone goes bonkers?
  • Many people are asking, "Who still uses FTP?". This is a common theme that I see even today, large organizations with mature security architecture using clear-text protocols such as Telnet, FTP, and TFTP, why? What can they do to expedite the usage of secure protocols, or does this even matter?
  • What is missing from most organization's security architecture, in your opinion, that would work to thwart "0day" or even the most common exploits?
  • How do economics work against us when it comes to 0day exploits? For example, there are companies that will hold on to, and sell, "0day" exploits, and there are others that will buy "0day" exploits and work with the vendors to fix them.

We also interview Dan Philpott from FISMApedia!

Stories

Tenable Events

More from the Tenable Blog