Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Recent Content and Product Updates

Over the past few weeks, we've released several new tools, Nessus audit policies, Log Correlation Engine log parsers and Log Correlation Engine TASL scripts. A summary of these releases is provided below.

New Product Releases and Updates

  • Nessus 3.0.6.1 for Windows - This release fixes a security hole for users running Internet Explorer 6. All users are strongly encouraged to upgrade. Nessus plugin #25799 checks Windows systems for this vulnerability. Direct Feed customers can download 3.0.6.1 directly from the Tenable Support Portal and it can also be downloaded from http://nessus.org.
  • Security Center 3.2.3 - This release improves a wide variety of performance, user management,  reporting and distributed scanning issues. The maximum size of "managed" vulnerability data has been increased from 4GB to 16GB. Also, dynamic asset list computation has been reduced from more than 30 minutes in some cases to less than 1 minute. Builds for RedHat ES3 and ES4, along with a complete list of issues resolved with this release are available for download from the Tenable Support Portal.
  • NessusClient 3.0.0 beta 2 - A new release of this Windows and Linux Nessus client is now available for download from http://nessus.org.
  • Nessus 3.2 beta 4 - For users testing the Nessus 3.2 beta, a 4th release (Nessus 3.1.4) has been made available for Linux, FreeBSD and Solaris. 

New and Updated Audit Polices

  • CIS Certified FreeBSD Audit - Tenable was recently awarded certification to perform Center for Internet Security audits according to the best practice consensus guide of securing FreeBSD systems. This .audit policy is available for download from the Tenable Support Portal by choosing the "Downloads" button and then the "Download CIS Audit and Compliance Files" button.
  • PCI Configuration Audit Updates - Version 1.0.2 of the Windows and version 1.0.3 of the Linux Payment Card Industry 1.1 audit polices are now available. This update relaxes some of the more specific checks to accommodate more stringent settings. These .audit policies are available for download from the Tenable Support Portal by choosing the "Downloads" button and then the "Download Configuration Audit Polices" button.

Updated and New Event Correlation TASL Scripts

  • blacklist.tasl - Similar to the blacklist_domain.tasl script, which was blogged about here, this IP based blacklist lookup correlation script can now accept two "black lists". The second list is for users who want to maintain their own static list of "bad" IP addresses which is not updated based on content from Arbor, SANS or the Bleeding Threat project.
  • long_tcp_sessions.tasl - Previously, Tenable had been maintaining two separate TASL scripts which would monitor the length, bandwidth and ports of each TCP session obtained through NetFlow or direct sniffing. This new TASL script accepts both event types.
  • new_user.tasl - Support to automatically recognize new user names from MS SQL Server logins.
  • successful_login_after_multiple_failures.tasl - Added several new login event IDs and removed account names associated with normal system processes.
  • windows_logon_unknown_network.tasl - Added several new login event IDs and removed common account names associated with normal system processes.

Updated and New Log Parsing PRM Files

Note: To install any of these TASL or PRM files for the Log Correlation Engine, download these files to your /usr/thunder/daemons/plugins directory and then restart the thunderd service.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.