Passive Network Monitoring

PVS App for Splunk

by Sherry Quinn on August 22, 2014

Thanks to Jason Toy for contributing to this post Splunk Enterprise analyzes everything from customer clickstreams and transactions to network activity and call records, turning your machine data into valuable insights. The Tenable™ PVS app for Splunk increases the security threat intelligence of Splunk by sending it critical security-relevant information. Why PVS Adding PVS data to Splunk brings PVS, the only patented passive vulnerability scanner with deep packet inspection, to Splunk's platform. This streamlines tracking users, applications, cloud infrastructure, trust relationships, and...

PVS 4.0.2 is now available for download

by Sherry Quinn on April 2, 2014

This maintenance release addresses the following issues: An expired PVS license or activation code sends the user to the Quick-Setup wizard to allow entry of the new license Hosts with Internet facing vulnerabilities were missing the “External Access” tag Filtering issue on the “Affected Host List” was fixed Dependency issue causing some false positives was fixed Improvements were also made including: The password complexity requirement on the Web Proxy Password setting Relaxed the port setting restriction for “Web Proxy Port” to allow specification of ports below 1024 Plugin evaluation logic...

Detecting Snowden - The Insider Threat

by Paul Asadoorian on February 12, 2014

Tenable's scanning, sniffing, and logging products can comprehensively identify a variety of potentially malicious activity, including activity generated by malicious insiders like Edward Snowden. Tenable's SecurityCenter Continuous View solution can further automate the detection of events coming from scanners, intrusion detection systems, malware, compliance violations, and much more.

Continuous Scanning, Better Vulnerability Metrics

by Ron Gula on November 12, 2013

Active scanning, for the most part, is a snapshot-in-time view of vulnerabilities that exist in an organization’s environment. In a typical organization, scans occur on a quarterly or even monthly basis. However, the scans only tell you what happened in that moment, not what happened in the intervening days between scans. By scanning more frequently (and introducing real-time, passive scanning), organizations will have more accurate metrics that show how long an detected vulnerability was present and when it was mitigated. Choosing to ignore new vulnerabilities because your IT team can’t...

Hiding In Plain Sight: Discovering Legacy Applications Using PVS

by Paul Asadoorian on October 14, 2013

Finding the pockets of your network that contain hidden systems or applications is an ongoing task for every IT security department. It seems no matter how well you know your network, there is frequently something that causes you to raise an eyebrow and investigate. There are a few contributing factors that lead to pockets of unmanaged systems and applications: