Tenable Discussion Forums

by Ron Gula
March 13, 2009


Tenable has been operating a new “Discussions Forums” web site for all Nessus users and Tenable customers. The forum is located at https://discussions.nessus.org/. It offers the following discussion areas:

  • Announcements
  • Nessus : Scanning
  • Nessus : Reports
  • Nessus : Advanced
  • Nessus : Compliance Checks (*)
  • Nessus : Feature Requests, Bug Reports
  • Security Center (*)
  • Log Correlation Engine (*)
  • Passive Vulnerability Scanner (*)

(*) – Customer access only

USB Device History Auditing with Nessus

by Ron Gula
March 11, 2009

Nessus plugin #35730 can perform an audit of Windows computers to obtain a list of all USB devices that may have been connected to them at one point in time. This plugin complements plugin #24274, which utilizes a WMI query to list all currently installed USB devices.

Auditing MS SQL Servers for DISA STIG Compliance with Nessus

by Ron Gula
February 5, 2009

Recently, Tenable added the ability for Nessus ProfessionalFeed users to establish a session with database servers and audit their configurations. Our first major audit policy that utilizes this technology performs a database audit against settings specified in the DISA STIG guide for Microsoft SQL servers. This blog entry discusses the new SQL auditing functionality and how to perform the DISA STIG audit with Nessus.

DOJOSEC - Compliance Video Online

by Ron Gula
January 16, 2009

The videos from the January DojoSec meeting are now online. Marcus Carey's introduction, Dale Beauchamp's talk on memory forensics and my talk on all things related to compliance and IT are available on Vimeo. To watch the talks, click below. My talk is 45 minutes and it should make you think hard about how to articulate compliance, configuration management, and mono-cultures to your management or your team.

Risky Business #89 Podcast - Xen Security, Free Microsoft Anti-Virus and Marcus Ranum's comments about the recent Hack-In-The-Box conference

by Ron Gula
November 26, 2008

Episode #89 of Risky Business is now available and features comments from Tenable's CSO, Marcus Ranum. Marcus recently keynoted the Hack In The Box security conference in Malaysia and spoke on many of the common misconceptions about "cyber" warfare. Marcus has also blogged here about many different topics which receive the "cyber" label including:

Onsite Tenable Training: An Instructor Perspective

by Matt Franz
November 20, 2008

Besides the monthly Tenable Enterprise Security Monitoring classes available at our Columbia training center, Tenable offers versions of the same content taught at customer locations. The obvious reason to choose our onsite training offering is that it allows entire teams to be quickly trained on Security Center, Nessus, Passive Vulnerability Scanner or Log Correlation Engine without the inconvenience and cost of sending one to two students at a time to Maryland.

Network Process Auditing with Nessus

by Ron Gula
October 7, 2008

One of the most important goals of forensic analysis and system auditing is to determine what a system is actually running – not what appears to be running.  A static review of installed system binaries may show results that are perfectly benign while the process that is actually running is not. It is important to correlate the running process with the program stored on disk to really determine what it is doing.

“Listening Process” Auditing with Nessus