Whitepapers

Firewall and Boundary Auditing

This document describes several simple strategies to leverage multiple Nessus scanners or multiple Passive Vulnerability Scanners with Tenable SecurityCenter to automate boundary auditing. It also describes several tradeoffs to perform audits of multiple Internet and Intranet boundaries that are secured with firewalls, routers, intrusion prevention systems and other types of network policy enforcement devices.

Passive Vulnerability Scanning Overview

This document describes how the Tenable Passive Vulnerability Scanner (PVS) can be deployed to monitor network traffic at the packet layer to determine topology, services and vulnerabilities. The Passive Vulnerability Scanner is tightly integrated with Tenable SecurityCenter and the Tenable Log Correlation Engine to centralize both event analysis and vulnerability management for a complete view of your security and compliance posture.

Real-Time Massachusetts Data Security Law Monitoring

Tenable Network Security, Inc. serves customers worldwide and each of our customers has a unique set of security, audit and compliance requirements. This paper provides insights on one specific law, Massachusetts 201 CMR 17, which requires protection of the personal information of all Massachusetts residents.

Application Note: FDCC Compliance

Realizing that regulatory and policy compliance is an ongoing process, IT organizations should focus their efforts on finding the right risk management program that provides the standards and best practices to make the process repeatable. Companies need to focus on managing and implementing controls to meet and manage regulations and risk management programs.

Maximizing ROI on Vulnerability Management

Most organizations have some form of vulnerability management program, usually mandated by one of the myriad compliance standards. However, meeting a checklist of compliance standards does not make you secure. If you have to go through the expense of having a vulnerability management program anyway, it may as well be effective – and get a return on your investment.

Organizational ROI Using Tenable Products

Tenable Network Security, Inc. is a network security software product company that offers distributed security management tools for small, medium and large enterprises. Tenable was founded by the creators of the Dragon intrusion detection systems and the Nessus vulnerability scanner. They provide enterprise networks a solution to efficiently manage security across hundreds of network administrators, dozens of different business units and hundreds of thousands of network devices.

Using Nessus to Detect Wireless Access Points

The detection of wireless access points (WAPs) has become a major source of activity for many enterprise security groups. Conducting physical inspections of each campus location with handheld, laptop computers or even dedicated "wireless monitors" to find unauthorized access points is time consuming. Fortunately, these efforts may be enhanced through detection of WAPs with the Nessus vulnerability scanner.

Unified Security Monitoring

Modern enterprise networks face a plethora of technical, political and business hurdles that make accurate security and compliance monitoring difficult and costly. Tenable has pioneered a unique "Unified Security Monitoring" approach that is revolutionizing the way our customers are monitoring (i.e., gathering, evaluating, communicating and reporting) security and compliance information.

Pages