Tenable Blog

On the Security of “Things”

The security ramifications of the "Internet of Things" (IoT) is a hot topic lately. That’s not to say the security community has not been aware of this problem; and dealing with it for some time (or ignoring it as the case may be).

Should Your Board of Directors be Managing Your Security?

Should your board of directors be managing your security?

This is not a rhetorical question. Ensuring a good security posture requires that your board of directors and senior management are on board and support your efforts at securing corporate data.

Let’s pose a few questions:

IT-Harvest Interviews Ron Gula

Tenable Network Security CEO Ron Gula got the opportunity to sit down with IT Harvest’s Richard Stiennon while they were at Black Hat USA 2014. Stiennon is the Chief Research Analyst and founder of the industry analyst firm IT-Harvest.

Detecting Hidden Backdoors in Your BIOS With Nessus

One of the inherent qualities of malware is the ability to hide from the system and the user. It is in the best interest of the bad guys to not be detected, and various forms of malware implement different methods of hiding. However, one method that is very scary is the ability to hide inside the components of the PC, rather than in the operating system. This is the case with malware targeting the BIOS or the unified extensible firmware interface (UEFI) in more modern computers. The dangers is that software running in this area of the system can gain full control of any functions (such as all connected hardware) and bypass protections put in place by the operating system. It makes detection extremely difficult and will persist across system restores and rebuilds.

The Weakest Link – Cloud Application Users and Administrators

Privileged users are a fact of life, but they pose an expanding opportunity to adversaries in the new IT landscape. There are two classes of privileged users on your network today: the users of your cloud-based applications such as SalesForce and NetSuite, and your system administrators.

Pages