Data Visualization

Tenable Releases SecurityCenter Continuous View

by Dale Gardner
August 9, 2012

Today, Tenable announced the availability of a new edition of SecurityCenter, called Continuous View.

This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.

The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.

Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:

  • Real-time identification of server and client vulnerabilities
  • Identification of mobile devices and their vulnerabilities
  • Passive discovery of all internal and external web servers and databases
  • Identification of trust and communication paths
  • Passive monitoring of virtual environments

SecurityCenter 4.4 Released

by Paul Asadoorian
April 17, 2012

SecurityCenter 4.4 Expands USM Capabilities

SecurityCenter version 4.4 is available today from Tenable Network Security. Customers can download the updated release from the Tenable Support Portal. You can view a video tutorial of the new features on the Tenable YouTube channel, or watch it below:

SecurityCenter is the central component of Tenable’s USM platform. It provides robust enterprise security monitoring by uniquely combining active and passive vulnerability assessments with log and event monitoring to create intelligent and actionable reports. SecurityCenter users also benefit from real-time and flexible dashboards for both security monitoring and maintaining compliance.

SecurityCenter version 4.4 includes dramatic performance gains, improved integration with other management systems, reporting and user interface enhancements, and many other new features. A detailed list is available on the Tenable website. Some of the highlights include:

Predicting Attack Paths

by Ron Gula
April 2, 2012

Tenable has published a technical paper titled “Predicting Attack Paths” that describes how to leverage active and passive vulnerability discovery technology to identify in real-time Internet facing services, systems and clients on your network that can be exploited in a variety of scenarios.

Enhanced Botnet Detection with Nessus

by Ron Gula
March 22, 2012

Tenable’s Research team recently added the ability for Nessus to evaluate audited hosts to see if they are connected to or configured with a known botnet IP address. In this blog entry, we will review all of the features available within Nessus for botnet and malware detection, as well as the types of features that are available in other Tenable products.

Security, Log Management & Burying Stumps

by Paul Asadoorian
July 25, 2011

Burying Stumps

Recently I've been planning and executing a plan to fix some of the landscaping around my house (as a side note, try not to plan this to happen in the middle of July when it’s 90 degrees). In talking with people who have experience with landscaping projects we seem to always hit the topic of digging up and burying stumps, and whether this is a good idea or a bad idea. For the short term, it seems like a good idea. The stumps take up space in the ground so you need less fill (which saves money), burying is cheaper than grinding them down or having them hauled away, and you don't have to look at an ugly stump. The downside is that 7-10 years down the road, the stumps begin to rot and you are left with sinkholes in your yard.


stump-small.png

3D Tool Version 2.0 Released

by Paul Asadoorian
May 13, 2011

Tenable’s 3D Tool v2.0 is a Windows application that queries data from a SecurityCenter 4 server and presents it in an interactive visual console to facilitate presentations and security analysis.

It can help better communicate different types of information available in SecurityCenter, such as:

  • Nessus vulnerability data

  • Network topologies

  • PVS data, including passively discovered vulnerabilities, network connections and new network devices

  • Event data discovered and normalized by the Log Correlation Engine (LCE), including intrusion detection, firewall, NetFlow and syslog data

For more information, see Ron Gula's post to the Nessus Discussion Portal titled "3D Tool Creation and Walk-Through" (login required).

The following screenshot shows hosts on the network and their operating system type:


Picture 20.png

Analyzing the Compromise - without Going Hungry

by Paul Davis
February 21, 2011

reportillegal.png


It's 4:55 PM on a Friday and you are looking forward to an enjoyable dinner with your family. Your Blackberry starts buzzing from across your desk while your inbox starts filling up with alerts from your SecurityCenter along with frantic emails from Human Resources. It seems a disgruntled employee named Jack Black quit today and nobody remembered to tell the IT group to disable his accounts until after important files started disappearing. Suddenly, you are stuck in Incident Response mode, gathering data on the user's activities. Do you cancel your reservations?

Fortunately, you have deployed Tenable Network Security's Unified Security Monitoring products, and have a wide array of resources[1] at hand to streamline the response process. These resources include SecurityCenter, the Passive Vulnerability Scanner (PVS) and Log Correlation Engine (LCE). At a high level, what can these resources do for you?

SecurityCenter

SecurityCenter provides a unified view of both vulnerability and event data along with the alerting, ticketing and reporting required for thorough user forensics.

Passive Vulnerability Scanner

PVS not only tracks vulnerabilities, but logs user and network activities detected in real-time on the wire. These activities include:

3D Tool beta Video

by Paul Asadoorian
December 21, 2010

The following video is a demonstration of Tenable's latest 3D Tool Beta, visualizing network topology and security events:

Security Center 3D Tool 1.2

by Ron Gula
January 17, 2007

Version 1.2 of the 3D Tool is now available. This version is much faster then the previous version. It makes use of Security Center 3.2's ability to obtain data as a .csv spreadsheet. Those types of queries are much faster against Security Center 3.2 than the previous method with Security Center 3.0. A list of new features includes:

Pages