Passive Network Monitoring

Tenable Receives Highest Rating of "Strong Positive" in Gartner Vulnerability Assessment MarketScope Report

by Dale Gardner
August 16, 2012

Late yesterday, Tenable announced SecurityCenter™ received a "Strong Positive" rating in Gartner's 2012 MarketScope for Vulnerability Assessment. The report provides guidance to security professionals evaluating options for vulnerability assessment. Gartner rates vendors based on evaluation criteria including market responsiveness and track record; product offering strategy; product functions such as base scanning methods, scope of vulnerability assessment, workflow and remediation support, and reporting capabilities; viability; and customer experience.

Tenable Releases SecurityCenter Continuous View

by Dale Gardner
August 9, 2012

Today, Tenable announced the availability of a new edition of SecurityCenter, called Continuous View.

This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.

The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.

Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:

  • Real-time identification of server and client vulnerabilities
  • Identification of mobile devices and their vulnerabilities
  • Passive discovery of all internal and external web servers and databases
  • Identification of trust and communication paths
  • Passive monitoring of virtual environments

If a Security Control Falls in the Forest...

by Paul Asadoorian
July 16, 2012

Many guidelines and compliance standards state that in order to be "secure" or "compliant" all of your systems must be patched. Turns out that this is easier said than done. Just when you believe your systems to be patched, something fails and patches seemingly disappear. We can then apply the "falling off" principal to several other areas of information technology, such as web applications, configuration management, and antivirus software. How do security controls in these areas fall off? Read about how this might happen and what you can do to help correct the problems.

Video Conference Detection with PVS

by Randal T. Rioux
May 1, 2012

Many customers have recently inquired about detection of video conferencing hardware and software, and Tenable’s research team has been developing additional PVS plugins to do just that.



Vulnerabilities, Exploits, and Good Dental Hygiene

by Paul Asadoorian
April 12, 2012

Vulnerability Management

Constantly assessing the security of your own systems is an important task in maintaining a secure network. I relate regular security assessments to personal hygiene, such as brushing your teeth everyday (and even more "in-depth" maintenance such as flossing and using mouthwash). All of these actions are an effort to prevent "bad things" from happening. Often, the "bad thing" hasn't happened yet, and you are trying to get ahead of the curve to protect yourself from cavities, gum disease, or worst-case, all of your teeth falling out. Vulnerability management plays the same role in your organization. By regularly assessing your systems, finding problems, and fixing them, you hope to get ahead of the curve and prevent bad things from happening, such as data leakage, breaches, and compromises of your systems by “evil bad guys”.

IStock 000014067353XSmall

All of us can hear our parents voices in our heads, as when we were growing up we were all told to "brush your teeth before you go to bed".

As I stated above, finding the vulnerabilities is just the first step. You must have a process in place to fix the vulnerabilities that you've identified. After that, your processes need to check to be certain that a vulnerability was remediated. Your plan for network health has to track vulnerability remediation, and empower those responsible to be in the loop and fix the problems before something "bad" happens (if it were only so easy as brushing, flossing, and using mouthwash). Tenable has a suite of tools to help you both find as many vulnerabilities as possible and implement a process for continued remediation. Below are some examples:

Predicting Attack Paths

by Ron Gula
April 2, 2012

Tenable has published a technical paper titled “Predicting Attack Paths” that describes how to leverage active and passive vulnerability discovery technology to identify in real-time Internet facing services, systems and clients on your network that can be exploited in a variety of scenarios.

Enhanced Botnet Detection with Nessus

by Ron Gula
March 22, 2012

Tenable’s Research team recently added the ability for Nessus to evaluate audited hosts to see if they are connected to or configured with a known botnet IP address. In this blog entry, we will review all of the features available within Nessus for botnet and malware detection, as well as the types of features that are available in other Tenable products.

Active and Passive Auditing of DNS Servers in Use – Finding DNSChanger Malware

by Ron Gula
March 5, 2012

Tenable’s Research team recently shipped a variety of Nessus plugins and Passive Vulnerability Scanner (PVS) PASL scripts that audit and detect the DNS servers in use on (and off) your network. These plugins and scripts are leveraged to find systems affected by DNSChanger malware, but they can also be used for a broader audit of DNS servers actively in use. This blog entry describes the new plugins and PASL scripts and how they can be used to audit active DNS servers in use.