February 5, 2009
Tenable Network Security, Inc., the leader in Unified Security Monitoring and creator of the popular and award-winning Nessus® vulnerability scanner, today announces a new capability for Nessus users to audit the configuration of many different SQL databases. These checks are only available to Security Center users and ProfessionalFeed subscribers.
Originally designed as a network vulnerability scanner, Nessus already scans for known security vulnerabilities. Over the last five years, Tenable has continued to add additional capability to this widely used and cost effective tool. Nessus’ capabilities have been extended to conduct agent-less patch audits, system configuration analysis against industry best practices, auditing of applications such as web servers and anti-virus installations and being able to audit hard drives for personally identifiable information (such as credit card numbers and social security numbers), copy written content, and other financial or confidential information.
The new database auditing capability continues to add value to Nessus for a wide variety of corporate enterprise auditors and security consultants. The ability to perform a full security audit of the underlying operating system as well as the SQL database configuration can ensure that applications have taken every measure to prevent data loss from SQL injection attacks, direct attacks on the database and inadvertent internal access to sensitive data.
“Most organizations practice some sort of defense in depth to keep from being the next high-profile data loss headline,” says Ron Gula, CEO of Tenable Network Security. “Being able to audit your database servers for enhanced security settings allows you add one more layer to your defenses without increasing the cost or complexity of operating them.”
The new capability of Nessus includes support for auditing Oracle, MS SQL, MySQL and many others, as well as SQL audit policies based on the Center for Internet Security and the Defense Information Systems Agency “STIGs.”
About Tenable Network Security
Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com.
(410) 872-0555 x1559