Tenable released a new Nessus® plugin – Microsoft Windows Known Bad AutoRuns (Plugin id 74442), which detects the presence of advanced malware on endpoints based on threat intelligence from ThreatGRID. The threat intelligence includes Scheduled Tasks, AutoRuns, and other Windows Registry entries that Nessus® collects while scanning endpoints and cross-references with data from the ThreatGRID feed.
Tenable is excited to release a set of dashboards, reports and components that help our financial services customers collect and document necessary data for the SEC Office of Compliance Inspection Examinations Risk Alert. The Risk Alert includes an Appendix that is a sample request for documents and information, which the SEC OCIE can use to evaluate the organization’s security program. This content leverages Tenable Network Security’s SecurityCenter Continuous View (CV) along with its Continuous Monitoring framework to ease the effort needed to follow the guidelines in the Risk Alert.
Today, we announced that all Tenable solutions have been validated by Coalfire for use in VMware environments for Payment Card Industry Data Security Standard (PCI DSS) version 3.0, the latest version of the standard.
You may be wondering: what does it mean to me?
Several new vulnerabilities were disclosed in OpenSSL yesterday (yes, the very same library that led to the Heartbleed vulnerability), along with updates for the popular open-source SSL library. One of the vulnerabilities is fairly serious, as it could allow for man-in-the-middle attacks under certain circumstances. Interesting notes about this new vulnerability include:
Paraphrasing what long-time penetration tester and computer security author Ira Winkler once told me, “When I do penetration tests, if I can’t get in by technical means I can always get in with social engineering.” While this may sound like advice to a fellow computer security specialist, or a warning to a network manager, it should also sound warning bells to anyone who uses a computer. Through social engineering, an outsider becomes a corporate insider, with all the authorities and risks.
Nessus Enterprise is now available and allows you to add users (including LDAP support) and share resources such as reports, schedules, policies, and scanners. Nessus Enterprise is available in both on-premises and cloud versions and focuses on users, sharing, collaboration, and increased scalability.