Web Application Scanning with Nessus

Why is it that so many web applications are certified to be compliant with a particular standard such as PCI DSS and yet are still compromised? According to data compiled by the DatalossDB project, breaches caused by web applications and web-related flaws comprise 11% of all breaches while another 18% fall into the “hack” category (some of which are likely web application related).

Log Correlation Engine Best Practices

This document describes best practice strategies that leverage the Tenable Log Correlation Engine (LCE) for a variety of application, security, system, user, and compliance monitoring scenarios. Each section considers the types of logs that can be gathered and how the Log Correlation Engine's set of correlation, anomaly, reporting, dashboard, and alerting functions can be used most effectively.

Continuous Network Monitoring

Continuous network monitoring and assessment is an evolving best practice to effectively address threats, technology risks, and changing regulatory requirements. And, continuous network monitoring is the only effective countermeasure that an enterprise can implement to address today’s cyber threats.

Nessus Exploit Integration v2

Attackers today have turned much of their focus to attacking web applications and client-side software. Nessus, PVS and SecurityCenter help you eliminate vulnerabilities from these threats through use of an exploitability index of the most widely used exploit frameworks — including Core IMPACT, Immunity CANVAS, Metasploit, and the newly added ExploitHub.

Performing PCI DSS and OWASP Web Application Audits with Nessus

Tenable Network Security offers solutions to perform vulnerability scanning, passive network monitoring, configuration auditing, real-time log collection and analysis of enterprise applications and networks. This paper focuses on Tenable's Nessus vulnerability scanner performing web application audits specific to the following standards:

  • OWASP Top 10

Unified Security Monitoring Best Practices

Tenable’s Unified Security Monitoring (USM) solution enables organizations to unify their system and event monitoring for centralized security and compliance reporting. This document outlines best practices when deploying and optimizing a USM platform to perform security and compliance monitoring for enterprise networks. It also shows how various capabilities can be leveraged for greater maturity in how USM is used to monitor both systems and events for security and compliance.

Correlating IDS Alerts with Vulnerability Information

This paper will illustrate a variety of the approaches and theories that can be used to correlate intrusion detection system (IDS) logs with vulnerability data. Several models will be presented and their benefits and drawbacks will be discussed. The goal will be to illustrate several methods that vulnerability information can be used to illicit high quality alerts from IDS logs that are primarily false positives.

Blended Security Assessments

Modern enterprise networks face a plethora of technical, political and business hurdles that make accurate security assessments difficult and costly. Tenable Network Security, Inc. offers a wide variety of network security assessment technologies that can fit into any environment with minimal impact. This paper will discuss several security assessment challenges facing large enterprise networks and Tenable's solutions to overcome them. This paper emphasizes the benefits of using a combination of host-based, network and passive vulnerability assessment technologies.