Tenable Blog

SANS ICS Summit 2014 Conference

I've been in the security community for quite some time (15+ years in fact). And while that's not world record, I have heard more than my fair share of security horror stories. Everything from crashing entire server farms to wiping out email for large organizations, and those are just my own horror stories. I knew there was a gap between security and the ICS world, but it goes deeper than that. Devices, systems and software we label "control systems" have a lot of responsibility. They run the electrical grid, water supplies, and oil supplies of the world. And while strides have been made to improve ICS security, we still have a ways to go. Conferences such as this one, well attended by those responsible for security in ICS/SCADA environments, itself is comforting.

Auditing Network Devices Without Scanning

Nessus can now perform configuration auditing against device configuration files, rather than the systems themselves. Users can make proposed changes in the configurations and test the security of the changes before they go into production, making it easier to test and deploy securely configured devices throughout the network

Wrangling Snakes

Ken Bechtel inaugurates the Tenable Network Security, Inc. Indicators of Compromise and Malware discussion group with advice on how to detect Uroburos aka snake compromised Windows host on your network. He addresses both file and registry modifications as well as network traffic in order for the best chance at detecting compromised machines.

Taking Nessus Perimeter Service to the Next Level

There are several organizations who fit the mold of having just one Nessus scanner. The fact that they own and operate just one scanner is fantastic, it means they have the capability to discover vulnerabilities in their environment, and for most small to mid-sized companies can perform internal scans on a regular basis and react on the results.

New Nessus MDM Integration: MobileIron

Nessus now supports the MobileIron MDM platform. This new support complements Nessus' existing MDM platform support for Apple Profile Manager, Microsoft Exchange via Active Directory, and Good Technology Good for Enterprise.