Tenable Network Security Podcast - Episode 200

Welcome to the Tenable Network Security Podcast Episode 200

Announcements

  • We're hiring! - Visit the Tenable website for more information about open positions.
  • Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join Tenable's Discussion Forum for custom scripts, announcements, and more!
  • You can find links to subscribe to Tenable's Podcast feed, YouTube Channel, Twitter and Facebook accounts at http://www.tenable.com/podcast!

Discussion

  • SCADA Device Vulnerability Detection - How do we do it? Scan, Sniff, Log, "Real-time" all these words come into play, but what do they really mean and how do they help you solve problems and reduce risk? How do we deal with XP in this environment? How do we deal with XP in general? Read More
  • Why Isn't My Host Vulnerable?- Lots of questions like this, in the past week, welcome to our world. Three things: 1) Use the audit trail to find out why a plugin did not run (e.g. Your host is not running SSL) 2) Use the knowledge base to find which plugins did fire (e.g. Did you enable a port scanner on all ports?) 3) Monitor Logs/Packets - Fire up tcpdump/wireshark, see if traffic is getting there, look in the logs on the target and see what is happening.
  • Looking For The Right Stuff - Like this
  • Query to find active vulnerabilities 30 days old or more. When you are collecting all the stuff, you can ask questions like this and get answers. Such as "which hosts are running SSL?" or "Which hosts have SSL certificates older than a week?".

Nessus

Passive Vulnerability Scanner

Vulnerability Detection

SecurityCenter Apps

Dashboards

Reports

Security News Stories

  1. Notorious troll and hacker Weev has conviction overturned
  2. OpenSSL: The single line of code that broke online security
  3. How To Securely Erase Your SSD Without Destroying It
  4. The security of the most popular programming languages
  5. Google Might Reward Secure Websites With Better Ranking
  6. Galaxy S5 Fingerprint Scanner Hacked With Glue Mould
  7. Organizations suffer SQL Injection attacks, but do little to prevent them
  8. HD Manufacturer LaCie Admits Yearlong Data Breach
  9. Windows XP Alive & Well in ICS/SCADA Networks
  10. Black Hat USA 2014: Pentesting? Thought You'd Never Ask

More from the Tenable Blog