Whitepapers

Controlling IT Risk in Financial Institutions

One of the challenges financial institutions face is an annual audit to demonstrate compliance to Federal Financial Institutions Examination Council (FFIEC) requirements. This can be difficult when there is a very large volume of data to analyze that comes from a rapidly increasing number of sources. Correlating data from all these sources, each with their own unique security threats, is necessary to accurately identify risks and demonstrate compliance.

Learn More

Real-Time FISMA Compliance Monitoring

Tenable Network Security, Inc. serves customers worldwide and each of our customers has a unique set of audit and compliance requirements. This paper provides insights gained from Tenable's customers on measuring and reporting compliance audit issues in a wide variety of industries.

Learn More

Network Infrastructure is Not Immune

Network devices including firewalls and routers are the gatekeepers to “endpoint” resources and increasingly rely on complex software components. These devices are often remotely accessible and whose configuration changes regularly, making them susceptible to vulnerabilities and misconfigurations. To add to this, network and security teams are often separate parts of an organization often leading to incomplete understanding of vulnerable infrastructure.

Learn More

Real-Time Auditing for CSIS 20 Critical Security Controls

Tenable Network Security, Inc. was founded on the belief that it is crucial to monitor for compliance in a manner as close to real-time as possible to ensure the organization does not drift out of compliance over time. The greater the gap between monitoring cycles, the more likely it is for compliance violations to occur undetected. Tenable’s solutions can be customized for a particular organization’s requirements and then automatically provide a unified view of the security status through a single management interface that is continually updated with the latest information.

Learn More

Outcome Based Security Monitoring in a Continuous Monitoring World

Five steps for achieving continuous monitoring.

Technology has advanced sufficiently enough such that vulnerability management can be performed in near real-time at large scale. Because of this, outcome based security monitoring for large enterprises is now possible with “big data” types of analytics. This paper goes into five detailed steps for achieving continuous monitoring.

Learn More

SSL: A False Sense of Security?

The Secure Sockets Layer (SSL) protocol has become the backbone of secure network communications, protecting everything from employee remote access, email, file transfer, and systems administration traffic to all of an organization’s e-commerce transactions. But is the security SSL/TLS provides real, or just an illusion?

Learn More

IPv6 Requires Fundamental Change to Vulnerability Management Programs

This paper addresses the need for today’s organizations to actively manage and secure their computing environments relative to IPv6 systems and traffic, regardless of whether they are actively implementing the protocol. In addition, we will demonstrate ho

This paper addresses the need for today’s organizations to actively manage and secure their computing environments relative to IPv6 systems and traffic, regardless of whether they are actively implementing the protocol. In addition, we will demonstrate how Tenable’s SecurityCenter platform delivers unmatched situational awareness and security for IPv6-enabled resources and the network traffic they generate.

Learn More

Predicting Attack Paths

This paper outlines how to leverage Tenable's Nessus and Passive Vulnerability Scanner (PVS) to identify, in real-time, Internet-facing services that are exploitable, Internet browsing systems that are exploitable and trusted servers that are being managed by exploitable clients.

Learn More

Strategic Anti-malware Monitoring with Nessus, PVS, & LCE

Tenable’s Unified Security Monitoring (USM) platform provides great flexibility in security and compliance monitoring of networks across multiple areas including system inventory, vulnerabilities, and corporate policy compliance. By monitoring system processes and network traffic, and correlating it with audit results of anti-virus configurations and malware scans, Tenable’s USM platform can identify a wide range of threats to an organization beyond vulnerability scanning.

Learn More

Pages