Ron Gula

Ron Gula's picture
Frequently sought out by media publications and outlets such as the New York Times, Bloomberg and Forbes, Ron is a leading cybersecurity thinker. He is the original author of the Dragon IDS and former CTO of Network Security Wizards, which was acquired by Enterasys Networks. While at BBN and GTE Internetworking, Ron helped develop one of the first commercial network honeypots and oversaw security policies for large carrier-class networks. With an unceasing passion for education and scientific research, Ron has earned three patents and serves on the Advisory Board for the University of Maryland Cybersecurity Center. Current Position: As Chief Executive Officer and Chief Technical Officer, Ron is focused on product strategy, research and development in an effort to keep Tenable at the forefront of network security innovation.

The Weakest Link – Cloud Application Users and Administrators

by Ron Gula on August 26, 2014

Privileged users are a fact of life, but they pose an expanding opportunity to adversaries in the new IT landscape. There are two classes of privileged users on your network today: the users of your cloud-based applications such as SalesForce and NetSuite, and your system administrators. Any...

Do you have HVAC systems on your internal network?

by Ron Gula on February 10, 2014

If you have not heard the news yet, Brian Krebs has reported that the recent Target breach occurred when hackers broke into the network of a company that managed the company's heating, ventilation and air conditioning (HVAC) systems. The intruders leveraged the trust and network access granted to...

Leveraging Logins and Login Failures to Track Insiders

by Ron Gula on January 28, 2014

I recently had the chance to explain Tenable’s approach to tracking insiders through authentication logs to a new employee. The conversation went something like this: Q: If I handed you a pile of logs and told you that “Bob” in accounting was an insider threat, what would you do? A: I’d look...

Keeping Anti-Virus in Check

by Ron Gula on November 20, 2013

Nessus will generate a finding if the scan target has an Anti-Virus agent deployed with the virus detection rules out of date. We've often received feature requests asking us to allow customers to set a grace period (in days) to avoid generating this alert. Such a preference was added this week under the heading 'Antivirus Software Check':

Continuous Scanning, Better Vulnerability Metrics

by Ron Gula on November 12, 2013

Active scanning, for the most part, is a snapshot-in-time view of vulnerabilities that exist in an organization’s environment. In a typical organization, scans occur on a quarterly or even monthly basis. However, the scans only tell you what happened in that moment, not what happened in the...

Detecting Errata Security's Port 22 Internet-Wide Scan

by Ron Gula on September 18, 2013

The security researchers at Errata Security performed an Internet-wide port 22 scan to gather SSH daemon banner information. The scan happened on September 12th from 71.6.151.167 with a tool named masscan. If you run a SIM, a network IDS or any type of passive network monitoring, this is a really easy and safe "known" to go and see if your monitoring is configured correctly. It is the proverbial “shooting fish in a barrel” example where you can show that your network security monitoring is in fact working.

BYOD Auditing, Tenable Style

by Ron Gula on September 17, 2013

The recent release of SecurityCenter 4.7 allows organizations to combine network monitoring and MDM auditing to discover and audit all mobile devices in use, regardless if they are being managed, only used for email, or are connected directly to the network.

Adding Passive Vulnerability Scanning To Your Security ToolKit

by Ron Gula on September 16, 2013

The new PVS 4.0 annual subscription makes network monitoring available to a wide variety of security practitioners. This is a new type of product, and it has many highly-practical use cases. Read about several ways you can get your security work done quicker with PVS 4.0.

Pages