Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Network Security Podcast - Episode 13

Welcome to the Tenable Network Security Podcast - Episode 13

Announcements

  • A new video has been released that covers how to use Nessus 4.2, the latest version of Tenable's Nessus vulnerability scanner.
  • Tenable Network Security's CEO, Ron Gula, is featured in SC Magazine as one the entrepreneurial visionaries who have launched successful IT security companies in the last 20 years.
  • We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions! We also have a new Facebook Group called Tenable Security Is Hiring where you can go to get more information about open positions (Requires Facebook account to view)
  • You can subscribe to the Tenable Network Security Podcast on iTunes!
  • Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!
  • Tenable is pleased to announce the release of the Log Correlation Engine version 3.4. This release has many new enhancements and features, plus some new functionality such as IDS correlation from various sources and new options in the LCE clients to monitor file integrity. For more information on new features in this release, please see the LCE 3.4 Release Notes. Tenable CEO Ron Gula and I had a chat about the features in this new release.

Interview: Marcus Ranum - CSO, Tenable Network Security

mjr-tameshigiri-sm.jpg
Marcus Ranum hacking up computers and challenging us to think differently about security..


Marcus Ranum always brings fresh and new ideas to the table (even if they are old and crusty, he manages to bring them back to life). In this interview we talk about how to sell security to upper management, the origin of the term "script kiddie", and how one nail can be the downfall of the Internet.

Stories

  • New 0Day Flaw in Internet Explorer - A zero day exploit has ben released for IE versions 6 and 7 and is reported to run on Windows XP SP3 systems. According to the article, "If the software does pop up in online attacks, it will put pressure on Microsoft to rush out an emergency patch, ahead of its regularly scheduled Dec. 8 security update. ". I don't think that waiting until attackers are using the this exploit so heavily that it starts to show up on our radar screens in the best approach. For home or personal users of IE, they need the patch right away as attackers are likely already using it.
  • Firms fail to secure mobile, cloud data, teamwork fail - A recent study highlights some of my own experiences working in IT and computer security. First, they found that companies are unwilling to provide IT the appropriate resources to security mobile computing. Everyone gets an iPhone! That sounds great, but what happens when company data is leaking like a faucet from them? Furthermore, if this happened, how would you know? This quote is classic: ""The (survey) provides still more evidence that companies are racing to adopt new technologies faster than they can understand their impacts on data security and develop effective use and integration policies," Larry Ponemon, chairman and founder of the Ponemon Institute. Ah so true, we tend to be users and consumers of technology, but ignore the risk factors in favor of the "cool" factor. The next point is scary: "The separation between security and operation also caused problems for network defenders. The information-security groups in nearly a third of companies fail to collaborate with their operational counterparts, the survey found."I've worked with network teams, with varying degrees of success, however I never underestimated the importance. You have to work with the IT department in your organization, they are your friends and you need to be there friends. Take them out for drinks, buy donuts on Fridays, whatever you need to do, the folks in IT are a huge part of your organization's security strategy.
  • New Plugin: 42862 PHP 5.3.1 Multiple Vulnerabilities - A new plugin has been released to detect older versions of PHP. The new software released fixes several bugs and vulnerabilities, including safe mode and "open_basedir bypasses.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training