Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 13

Welcome to the Tenable Network Security Podcast - Episode 13

Announcements

  • A new video has been released that covers how to use Nessus 4.2, the latest version of Tenable's Nessus vulnerability scanner.
  • Tenable Network Security's CEO, Ron Gula, is featured in SC Magazine as one the entrepreneurial visionaries who have launched successful IT security companies in the last 20 years.
  • We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions! We also have a new Facebook Group called Tenable Security Is Hiring where you can go to get more information about open positions (Requires Facebook account to view)
  • You can subscribe to the Tenable Network Security Podcast on iTunes!
  • Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!
  • Tenable is pleased to announce the release of the Log Correlation Engine version 3.4. This release has many new enhancements and features, plus some new functionality such as IDS correlation from various sources and new options in the LCE clients to monitor file integrity. For more information on new features in this release, please see the LCE 3.4 Release Notes. Tenable CEO Ron Gula and I had a chat about the features in this new release.

Interview: Marcus Ranum - CSO, Tenable Network Security

mjr-tameshigiri-sm.jpg
Marcus Ranum hacking up computers and challenging us to think differently about security..


Marcus Ranum always brings fresh and new ideas to the table (even if they are old and crusty, he manages to bring them back to life). In this interview we talk about how to sell security to upper management, the origin of the term "script kiddie", and how one nail can be the downfall of the Internet.

Stories

  • New 0Day Flaw in Internet Explorer - A zero day exploit has ben released for IE versions 6 and 7 and is reported to run on Windows XP SP3 systems. According to the article, "If the software does pop up in online attacks, it will put pressure on Microsoft to rush out an emergency patch, ahead of its regularly scheduled Dec. 8 security update. ". I don't think that waiting until attackers are using the this exploit so heavily that it starts to show up on our radar screens in the best approach. For home or personal users of IE, they need the patch right away as attackers are likely already using it.
  • Firms fail to secure mobile, cloud data, teamwork fail - A recent study highlights some of my own experiences working in IT and computer security. First, they found that companies are unwilling to provide IT the appropriate resources to security mobile computing. Everyone gets an iPhone! That sounds great, but what happens when company data is leaking like a faucet from them? Furthermore, if this happened, how would you know? This quote is classic: ""The (survey) provides still more evidence that companies are racing to adopt new technologies faster than they can understand their impacts on data security and develop effective use and integration policies," Larry Ponemon, chairman and founder of the Ponemon Institute. Ah so true, we tend to be users and consumers of technology, but ignore the risk factors in favor of the "cool" factor. The next point is scary: "The separation between security and operation also caused problems for network defenders. The information-security groups in nearly a third of companies fail to collaborate with their operational counterparts, the survey found."I've worked with network teams, with varying degrees of success, however I never underestimated the importance. You have to work with the IT department in your organization, they are your friends and you need to be there friends. Take them out for drinks, buy donuts on Fridays, whatever you need to do, the folks in IT are a huge part of your organization's security strategy.
  • New Plugin: 42862 PHP < 5.3.1 Multiple Vulnerabilities - A new plugin has been released to detect older versions of PHP. The new software released fixes several bugs and vulnerabilities, including safe mode and "open_basedir bypasses.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.