Tenable Blog

The Benefits of Credentialed Scanning and Auditing

We've covered the advantages of credentialed vulnerability scanning and configuration auditing in previous blog posts, but I want to recap some of the benefits:

• Getting Around Firewalls - Whether you are scanning through network or host firewalls, credentialed scans require less ports to be open between the scanner and the target(s) and require less network bandwidth and target resources.
• Finding Localized Vulnerabilities - Several vulnerabilities, including those being exploited by attackers and penetration testers alike, are not accessible over the network but present themselves in end-user software ranging from web browsers, PDF readers and office suites. By performing a credentialed scan, Nessus is able to find vulnerabilities that requires user interaction to trigger exploitation in local software.
• Verifying Settings & Configurations - Through either Nessus plugins or configuration auditing, you can answer questions about the state of your systems. For example, if you want to know who has either local or domain administrative rights to your systems, there are plugins that report the list of users. Want to know what type of USB devices are in use in your environment or which systems have modems connected? There are plugins that test for those conditions as well. With configuration auditing, you can check any registry entry on a Windows system for a specific value or check the values on entries in configuration files on Linux/UNIX systems.

Welcome to the Tenable Network Security Podcast - Episode 87

Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO, Carlos Perez, Lead Vulnerability Researcher, Jack Daniel, Product Manager

Announcements

• Several new blog posts have been published to the Tenable Blog:
• 4 out of 5 CISOs Don't Scan for Off-Port Web Servers
• Comparing the PCI, CIS and FDCC Certification Standards
• Firewall and Boundary Auditing Best Practices
• Risky Business #198 - Tenable CEO Interview on Cybercrime Insurance
• Microsoft Patch Tuesday Roundup - June 2011
• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials. The latest two videos are updates to older videos and cover basic vulnerability scanning and local patch checking using Nessus.


• We're hiring! - Visit the Tenable web site for more information about open positions.


• You can subscribe to the Tenable Network Security Podcast on iTunes!


• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make product and company announcements, provide Nessus plugin statistics and more!

Stories

• WordPress plugins Trojanised, spotted, fixed - I get nervous when the application I am using supports plugins and add-ons that are not written or even checked centrally. It compromises the security of the framework.

As a vendor, Tenable has to demonstrate compliance in many different types of categories. The Payment Card Industry, the Center for Internet Security and US government's FDCC program all have certification standards and procedures for vendors like Tenable. Since Tenable is certified in most of these these categories (we're in the process of becoming an ASV), I though it would be interesting for our blog readers to share some of our insights into the differences and misconceptions between them.

In this week's Risky Business podcast, Patrick Gray and I chatted about the recent rise in cyber insurance. Insurance companies have been working on a variety of insurance packages for years and the recent rash of RSA, Sony and other high-profile attacks have raised the interest level and demand for this. The key point here is that if an insurance company can offer this type of coverage, they need to understand the risk much better than the customers buying the service. 

Welcome to the Tenable Network Security Podcast - Episode 86

Hosts: Paul Asadoorian, Product Evangelist, Ron Gula, CEO/CTO, Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

• Dan Kamsinky On The RSA SecurID Compromise - "I recommend replacing devices in an orderly fashion, possibly while increasing the rotation rate of PINs. I dismiss concerns about source compromise on the grounds that both hardware and software are readily reversed, and anyway we didn’t change operational behavior when Windows or IOS source leaked." It's true, when entire operating systems' source code has leaked, no one really panicked or changed the way they do business. Yes, you should be replacing all your tokens and, of course, have some other forms of security and authentication other than SecurID.