Global Technology Audit Guide - Managing and Auditing IT Vulnerabilities
October 13, 2006I'd like to point all Nessus users and Tenable customers towards a new guide from The Institute of Internal Auditors. The guide helps internal auditors ask the right questions of the IT security staf...
Example Network Behavior Analysis Detection (NBAD) with the Log Correlation Engine
October 10, 2006All Log Correlation Engine licenses include the stats daemon. This daemon reads any log source, including netflow or sniffed TCP sessions, builds a baseline of normal activity and then creates alerts ...
Automatic User MAC Address Tracking
October 9, 2006The Log Correlation Engine can be used to track DHCP leases and Active Directory authentication logs to automatically learn each user's Ethernet address and then alert when this relationship changes. ...
Proxy/Firewall Detection with PVS
October 8, 2006During the past year, the Passive Vulnerability Scanner's rules were modified to detect network proxies and firewalls. This process also involved the reduction of reporting multiple browser types for ...
Additional Webinars for Compliance, NBAD and SCADA Security
October 4, 2006We've gotten requests for more webinars on a variety of topics. Below is the current schedule of webinars presented by Tenable in the month of October. These include an additional "Future of Vuln...
What are the advantages of Distributed Vulnerability Scanning?
October 3, 2006Organizations with large networks can enhance their vulnerability scanning efforts by deploying multiple Nessus vulnerability scanners. This blog entry discusses the advantages of using multiple scann...
Using Honeypots to enhance Log Analysis
September 30, 2006If you are faced with the task of finding network probes and attacks in an endless stream of IDS, firewall, netflow and application events, then using one or more honeypots to help find low-and-slow p...
Rollout: Tenable's Nessus 3.0
September 27, 2006Nessus 3 was recently tested by Network Computing Magazine. Their analysts used Nessus 3 subscribed to a Direct Feed to audit the configuration of a remote Windows system. We felt the article was ver...
Testing the Effectiveness of your Patch Management System
September 27, 2006If you've invested a lot of money into a commercial patch management system or perhaps you've grown your own, how do you know how effective it is? With Nessus's agent-less host based patch audits, it ...
Detecting Vector Markup Language (VML) issues on Windows Systems
September 27, 2006Yesterday, Tenable's research group released Nessus plugin #22449 which can detect Windows systems that are missing a set of patches covered in Microsoft bulletin MS06-055. This patch fixes security i...
Limiting the Ports Probed by Nessus Scans
September 25, 2006A common question our support group receives from Direct Feed customers is how to limit Nessus probes to specific ports. This post will discuss the reasons Nessus sends packets to various ports and h...
Nessus Compliance Check Enhancements
September 23, 2006Tenable has received many requests to extend the API for the agent-less Nessus compliance checks. In response to our customers, we've added several new functions to the compliance plugins which are i...