Tenable Blog

Tenable.io is the world’s first Cyber Exposure platform, giving you complete visibility into your network and helping you to manage and measure your modern attack surface. All the powerful capabilities of Tenable.io Vulnerability Management are available in the Tenable.io API, a robust, well-documented tool for users of all experience levels.

At a recent Tenable sponsored MeriTalk event, Kevin Cox, program manager for Continuous Diagnostics and Mitigation (CDM), provided a preview of coming attractions regarding the CDM federal dashboard. As of this writing, the CDM dashboard is in its initial production stage, with agency exchanges being set up to aggregate the data to be fed into the dashboard. At least five agencies are reportedly on track to have data uploaded to the CDM dashboard during the first quarter of 2018.

IT systems change all the time. New applications are added, configurations are changed, permissions get revised – the list goes on and on. In some cases, the changes end up restricting access to the system. For example, user accounts are removed, access is revoked, account credentials change or expire, leading to unexpected authentication failures and lockouts. And when the credentials fail, applications that depend on them fail, too.

Correction: An earlier version of this post identified the protocol used as the TSAA protocol. This malware uses the TriStation protocol, which is proprietary and undocumented. Thanks to Jimmy Wylie for the correction.

What is Triton?

Triton is a new malware framework targeting safety systems monitoring SCADA networks. It’s designed to run from within a compromised network, allowing the attacker to observe and control Triconex Safety Instrumented System (SIS) devices.

We’ve talked about the need for Congress to prioritize upgrading and modernizing government IT systems for a while now, so we were glad to see the Senate recently pass the 2017 National Defense Authorization Act (NDAA) with the Modernizing Government Technology (MGT) Act intact. The MGT Act (HR 2227), introduced by Rep. Will Hurd (R-TX), was signed into law last Tuesday.