SANS 6 Categories of Critical Log Information

by Manish Patel on January 24, 2014

New Dashboard – SANS 6 Categories of Critical Log Information The SANS Critical Controls are guidelines for strengthening an organization’s security defenses through continuous and automated monitoring. The SANS guidelines continue to gain traction across all types of organizations and have demonstrated measureable reduction in security risk. Tenable has added a new dashboard that covers the SANS 6 Categories of Critical Log Information to identify unauthorized changes to information systems that can allow an attacker to infiltrate and modify systems to enable future access. Unlike other...

Tenable Launches “Straight Talk About PCI” Discussion Forum

by Jeffrey Man on December 19, 2013

Have you ever tried to navigate the PCI website and gotten lost and confused? Are you part of the 99% of companies that must traverse the PCI Compliance landscape as part of the “Self-Assessment” or “do-it-yourself” crowd? Have you been overwhelmed by vendor claims of “PCI made easy” or “PCI Compliance in 10 minutes” or “PCI in a Box”? Does it bother you that the answers to your questions are often tied to the product/solution the vendor is selling? Are you the one with a burning question, but can’t seem to find the right person to ask? Have you asked the question and gotten the trademark “...

Continuous Scanning, Better Vulnerability Metrics

by Ron Gula on November 12, 2013

Active scanning, for the most part, is a snapshot-in-time view of vulnerabilities that exist in an organization’s environment. In a typical organization, scans occur on a quarterly or even monthly basis. However, the scans only tell you what happened in that moment, not what happened in the intervening days between scans. By scanning more frequently (and introducing real-time, passive scanning), organizations will have more accurate metrics that show how long an detected vulnerability was present and when it was mitigated. Choosing to ignore new vulnerabilities because your IT team can’t...

Tenable Products Certified VMware and VCE Ready

by Ed Wong on September 16, 2013

Are your servers and workloads virtualized and running on vSphere? Do you have applications in the cloud? If so, chances are you're using VMware and VCE to power your mission-critical data center operations. For a long while now, Tenable has provided vulnerability scanning and patch and configuration management support for VMware and VCE virtualization and cloud infrastructure platforms. Recently, we made the partnership and support official: Yes, we put a ring on it! After a series of integration and interoperability testing, Tenable has been certified as VMware Ready and VCE Ready. What...