Tenable Blog

Nessus 3.2 BETA -- Example WMI library usage

by Ron Gula on March 19, 2007

The Nessus 3.2 BETA includes many new features, including a library that allows users to program their own WMI queries to Windows systems. This blog entry discuses some example WMI NASL scripts that make use of the new library and identify interesting asset and configuration information about Windows Hosts.

Reporting Vulnerabilities in an IT Managed Environment

by Ron Gula on March 16, 2007

If you are performing some sort of vulnerability monitoring program or audit, you are most likely finding a large volume of information. Making sense of this information and presenting it to other users who may be less technical than you (or at least less familiar with the vulnerability discovery process) can be a challenging task.

Detecting Change -- Part II

by Ron Gula on March 13, 2007

Tenable has previously bloged about how change can be detected through log analysis. Network change can be detected many other ways, including scanning and passive network monitoring. This blog entry will discuss why detecting change is important to security and compliance, the different types of change that can occur on the network and how they can be detected with Tenable solutions.

Types of Network Change

Using Manufacturer Information For Automatic Dynamic Asset List Creation

by Ron Gula on March 8, 2007

We've blogged in the past about how the Security Center can use any data obtained by Nessus or the Passive Vulnerability Scanner to automatically classify a host into one or more political or technical asset lists.

Monitoring Telnet Security

by Ron Gula on March 3, 2007

With the advent of the current Solaris Telnet Worm, Tenable has had many requests and comments about not only finding the specific associated vulnerability, but how to monitor Telnet in general. This blog entry discusses the worm, how to scan for the Solaris 10 in.telnetd vulnerability and how to monitor your network for Telnet activity.

Scanning for the Solaris in.telnetd Vulnerability

Tenable has released three checks to discover this vulnerability on Solaris systems:

Automated audit policy creation for UNIX Nessus compliance checks

by Ron Gula on February 27, 2007

Many UNIX applications and system settings are contained in proprietary text configuration files. Auditing these for unauthorized changes or configurations can be very cumbersome and time consuming. Nessus 3 Direct Feed and Security Center users have the ability to audit UNIX servers against a configuration policy without an agent.

Enhanced Windows Compliance Auditing

by Ron Gula on February 24, 2007

The Nessus 3 Direct Feed was updated today with enhanced functionality for Windows compliance checks. This blog entry discusses the new features and has example .audit text to illustrate them, including a test case for the recent Microsoft update for 2007 Daylight Savings Time. These changes only effect Windows audits.

Multiple Potential Compliance Values for AUDIT_POLICY Items

Dragon Intrusion Defense System support for Nessus and the PVS

by Ron Gula on February 21, 2007

Today Tenable announced a partnership with Enterasys Networks that enables customers of both companies to operate Nessus and/or the Passive Vulnerability Scanner (PVS) directly on the Dragon sensor. Customers who have existent or planned Tenable and Enterasys security solutions should consider this deployment option.

Nessus 3.2 beta available for testing

by Ron Gula on February 21, 2007

Nessus 3.1.2, the first public BETA of what will become Nessus 3.2, has been released for the Linux, FreeBSD and Solaris operating systems.

Direct Sniffing or Netflow

by Ron Gula on February 19, 2007

When deploying the Log Correlation Engine (LCE), Tenable's support group often is asked which is better for network monitoring: using netflow from a router or performing some sort of direct network monitoring. This blog entry will help users choose a strategy and discuss some of the technical and political aspects associated.

Netflow and Direct Sniffing

Tenable One Exposure Management Platform

Platform categories

Platform capabilities

Cloud Exposure

Vulnerability Exposure

OT/IoT Exposure

Identity Exposure

Business needs

Industries

Compliance

Public Sector

The Tenable difference

Compare Tenable to:

Resources

Research

Tenable Assure partners

Other partner opportunities

Support

Services

Tenable Trust

About us

Media

Connect

Join us

Tenable Blog

Nessus 3.2 BETA -- Example WMI library usage

Reporting Vulnerabilities in an IT Managed Environment

Detecting Change -- Part II

Using Manufacturer Information For Automatic Dynamic Asset List Creation

Monitoring Telnet Security

Automated audit policy creation for UNIX Nessus compliance checks

Enhanced Windows Compliance Auditing

Dragon Intrusion Defense System support for Nessus and the PVS

Nessus 3.2 beta available for testing

Direct Sniffing or Netflow

Tenable Blog

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank You

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Tenable Vulnerability Management

Tenable Vulnerability Management

Thank you

Try Tenable Web App Scanning

Buy Tenable Web App Scanning

Thank you

Request a demo of Tenable Security Center

Request a demo of Tenable OT Security

Request a demo

Request a demo of Tenable Cloud Security

See Tenable One in action

See Tenable Attack Surface Management in action

Get a demo of Tenable Enclave Security

Thank You

Try Tenable Nessus Professional free

NEW - Tenable Nessus Expert now available

Buy Tenable Nessus Professional

Try Tenable Nessus Expert free

Buy Tenable Nessus Expert

Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements

Get a demo of Tenable Patch Management

See
Tenable One
in action

NEW - Tenable Nessus Expert
now available