Tenable Network Security was recognized at the 10th Annual Info Security Industry’s Global Excellence Awards dinner held last week in San Francisco. Nessus®/ Nessus Perimeter Service™ received a Global Excellence Award in the PCI Compliance Category. The Info Security Products Guide recognizes that over two-thirds of all PCI-Certified Approved Scanning Vendors (ASV) use Nessus, making Nessus the preferred vulnerability scanning solution for those companies that provide compliance validation services.
Have you ever tried to navigate the PCI website and gotten lost and confused?
Are you part of the 99% of companies that must traverse the PCI Compliance landscape as part of the “Self-Assessment” or “do-it-yourself” crowd?
Have you been overwhelmed by vendor claims of “PCI made easy” or “PCI Compliance in 10 minutes” or “PCI in a Box”?
Does it bother you that the answers to your questions are often tied to the product/solution the vendor is selling?
The Payment Card Industry Security Standards Council announced at the European Community Meeting in Nice, France the first validated Point-to-Point Encryption (P2PE) solution. The P2PE application/solution validation programs were first introduced by the PCI SSC over two years ago, so while some might say “it’s about time a solution was validated” it at least appears that the P2PE validation program is quite challenging and complex. European Payment Services (EPS), being the first company to have a solution listed, should be commended.
After a very successful launch of SecurityCenter Continuous View (CV) last year, Tenable has further enhanced the analytical power and value of SecurityCenter CV with the addition of Tenable’s Log Correlation Engine (LCE) as a standard component of the solution.
Tenable is pleased to announce availability of the Nessus Perimeter Service including the Tenable PCI Scanning Service. Customers can scan an unlimited number of Internet-facing IP addresses, as often as they like, and submit PCI scan results up to twice per calendar quarter for Tenable PCI Approved Scanning Vendor (ASV) validation, all for $3,600 a year.
The Nessus Perimeter Service offers:
To learn more about Nessus Perimeter Service and the Tenable PCI Scanning Service you can view the video titled "Nessus Perimeter Service Usage: PCI ASV Validation and SecurityCenter Integration":
Next up on our Nessus top ten list is #9, which covers how to use Nessus configuration auditing to discover information about your system configurations. The following video presents use cases and examples, from PCI compliance to detecting viruses:
Please visit Tenable's YouTube channel for more Nessus and SecurityCenter videos!
It was reported late last month that attackers had penetrated Sony's PSN (PlayStation Network) platform. It has been rumored that reverse engineering the PlayStation firmware, coupled with vulnerabilities in Linux servers and unencrypted data traversing the network, led to the exposure of over 77 million users’ information being leaked, possibly including 2.2 million credit card numbers.
We are pleased to announce that four new Nessus policy templates will be distributed to Nessus ProfessionalFeed and HomeFeed users via the Nessus plugins feed. This is first time we've used "push" functionality to send down scan policy templates.
The four new Nessus scan policy templates will appear in the "Policies" tab once your Nessus installation has updated the plugins:
Do you know where all of your organization’s SSL certificates are and if they are providing enough protection to you and your customers? Nessus can be used to identify all SSL certificates in use, test if they are expired and with the advent of plugin # 51192, test that they have been securely signed by a valid certificate authority. This blog entry will review Nessus’s SSL certificate auditing ability and describe how plugin #51192 can help monitor your network for untrustworthy SSL certificates.