Detecting Snowden - The Insider Threat

by Paul Asadoorian
February 12, 2014

Tenable's scanning, sniffing, and logging products can comprehensively identify a variety of potentially malicious activity, including activity generated by malicious insiders like Edward Snowden. Tenable's SecurityCenter Continuous View solution can further automate the detection of events coming from scanners, intrusion detection systems, malware, compliance violations, and much more.

Do you have HVAC systems on your internal network?

by Ron Gula
February 10, 2014

If you have not heard the news yet, Brian Krebs has reported that the recent Target breach occurred when hackers broke into the network of a company that managed Target's heating, ventilation and air conditioning (HVAC) systems. The intruders leveraged the trust and network access granted to that company by Target and then, from these internal systems, broke into the point of sale (POS) systems and stole credit and debit card numbers, as well as other personal customer information.

Leveraging Logins and Login Failures to Track Insiders

by Ron Gula
January 28, 2014

I recently had the chance to explain Tenable’s approach to tracking insiders through authentication logs to a new employee. The conversation went something like this:

Q: If I handed you a pile of logs and told you that “Bob” in accounting was an insider threat, what would you do?

A: I’d look through all the logs for accounts that Bob had access to and attempt to audit which systems he accessed and possibly what he did.

SANS 6 Categories of Critical Log Information

by Manish Patel
January 24, 2014

New Dashboard – SANS 6 Categories of Critical Log Information

The SANS Critical Controls are guidelines for strengthening an organization’s security defenses through continuous and automated monitoring. The SANS guidelines continue to gain traction across all types of organizations and have demonstrated measurable reduction in security risk.