Predicting Attack Paths

This paper outlines how to leverage Tenable's Nessus and Passive Vulnerability Scanner (PVS) to identify, in real-time, Internet-facing services that are exploitable, Internet browsing systems that are exploitable and trusted servers that are being managed by exploitable clients.

Strategic Anti-malware Monitoring with Nessus, PVS, & LCE

Tenable’s Unified Security Monitoring (USM) platform provides great flexibility in security and compliance monitoring of networks across multiple areas including system inventory, vulnerabilities, and corporate policy compliance. By monitoring system processes and network traffic, and correlating it with audit results of anti-virus configurations and malware scans, Tenable’s USM platform can identify a wide range of threats to an organization beyond vulnerability scanning.

Tenable Event Correlation

Correlation is essential in extracting context and intelligence from the reams of network event data available to security professionals. Tenable Network Security’s Log Correlation Engine (LCE) product offers multiple event correlation techniques to detect abuse, anomalies, compromise, and compliance violations.

Boosting Your Network Defenses with Tenable’s Integral Attack Path Analytics

Today’s networks are complex, interconnected systems. Organizations invest significant time and energy in developing, deploying, and maintaining defenses for sensitive systems and servers. But the complexity of the environment makes it easy to overlook indirect routes attackers can exploit to take control of processes and data. This paper outlines the challenges, provides processes security practitioners can follow to identify – and close off – these otherwise hidden attack paths, and describes the tools and capabilities needed to perform the job.

Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform

Vulnerability scanners have traditionally been viewed as tactical solutions to the problems posed by the need to satisfy auditors and provide proof of compliance with a mix of regulatory and industry standards. But insightful security leaders have begun to realize that vulnerability assessment products — with the appropriate features and enhanced capabilities — can deliver much more than "check box" compliance. Today, these solutions can help managers make real inroads in optimizing the efficiency of their teams and in managing risk.

Real-Time PCI Compliance Monitoring

Tenable Network Security, Inc. serves customers worldwide and each of our customers has a unique set of audit and compliance requirements. This paper provides insights gained from Tenable’s customers on measuring and reporting compliance audit issues in a wide variety of industries.

Tackling the Mobile Device Challenge with Tenable

Companies that select Tenable to help address the rapidly mounting challenges associated with mobile devices stand to gain in a number of important ways, including: simplification and streamlining of infrastructure and operations, and establishing the need for supplemental countermeasures while reducing risk, total cost of ownership and demonstrating compliance.

Security Requirements 2.0: Time to Replace Your SIEM?

Given the rapid evolution of SIEM/Log Management offerings — and the evolution of requirements with new application models and this cloud thing — you should be wondering whether a better, easier, and less expensive solution meets your needs. Security Management 2.0: Time to Replace Your SIEM? takes a candid look at triggers for considering a new security management platform, walking through each aspect of the decision, and presenting a process to migrate — if the benefits outweigh the risks.

The Untouchables: Protecting Sensitive Technology Systems with Tenable’s Passive Vulnerability Scanner

Every IT security manager has experienced the frustration and risk created by "untouchable" systems — resources critical to supporting a line of business or mission, exposed to attack, yet off limits to standard protective measures such as patching and vulnerability assessment. Unfortunately, the very nature of certain information systems precludes the use of these common — and in some instances required — preventative measures.