Mobile Security

New Nessus MDM Integration: MobileIron

by Paul Asadoorian on March 11, 2014

Nessus now supports the MobileIron MDM platform. This new support complements Nessus' existing MDM platform support for Apple Profile Manager, Microsoft Exchange via Active Directory, and Good Technology Good for Enterprise.

BYOD Auditing, Tenable Style

by Ron Gula on September 17, 2013

The recent release of SecurityCenter 4.7 allows organizations to combine network monitoring and MDM auditing to discover and audit all mobile devices in use, regardless if they are being managed, only used for email, or are connected directly to the network.

Detecting Mobile Device Vulnerabilities Using Nessus

by Paul Asadoorian on July 19, 2012

The Mobile Device Threat Without question the security of mobile devices is on the minds of almost every IT department. The average mobile worker carries 3.5 mobile devices at all times, a number that has doubled within the past three years and will likely continue to grow. The problem most organizations face is the workforce uses mobile devices, whether owned by your organization or not, to access company resources. This presents several problems, including not knowing who is using which device, if the devices have the latest software updates, or if device has been tampered with (i.e., jailbroken). Getting a Handle on Mobile Device Security Nessus has implemented new features to help users combat mobile threats. Network-based scanning is not the right approach to identify vulnerabilities on mobile devices, due in large part to the fact that most devices are in "sleep" mode and/or using a 3G/4G network. However, MDM (Mobile Device Management) technologies maintain information about the devices, including information about security vulnerabilities. To learn more about detecting mobile device vulnerabilities with Nessus you can view a video tutorial on our YouTube channel : The new "Mobile" tab in Nessus allows Nessus ProfessionalFeed customers to enter credentials for either (or both) Apple Profile Manager or Microsoft's ActiveSync. Nessus then uses the credentials to gather information about the type of device, who is using it, and mobile device vulnerabilities.

Mobile Devices, Your Network, and Passive Sniffing

by Paul Asadoorian on November 30, 2011

Do you know how many mobile devices reside on your network? Is your security architecture designed to secure the mobile platform and protect your users and the network from the threats they pose? Mobile devices are a security concern for many reasons. Mobile devices are typically unmanaged – meaning they may or may not be running AV software, a firewall, or conform to enforceable security policies. Yet, whether they are provided to your employees as part of your operations or not, they are likely accessing resources on your network. To compound the problem, many mobile devices connect to your local network and the Internet directly on two separate mediums. For example, the device may associate to a wireless belonging to your organization and a 3G/4G connection to the Internet.