Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast Episode 183 - "Hardening Chrome, Measuring Patch Management"

Welcome to the Tenable Network Security Podcast Episode 183

Announcements

Discussion & Highlighted Plugins

  • Devices, Devices, Devices - Plugins this week cover Cisco NAC devices, Cacti, iLO, and Apple Airport vulnerabilities. I think it's great that we're releasing plugins to cover these types of devices. We've talked about it before, and I can't stress it enough – you must scan, patch, and then scan again all of the devices in your your network. The SQL injection vulnerability in the Cisco NAC controller is interesting. To me, that screams "NAC bypass," and if your NAC is easy to bypass, why have one at all?
  • Locking Down the Browser - Browser vulnerabilities seem to have patches come out almost every week, and the user is a huge target for attackers. We released a .audit file for Chrome browsers. This is a great strategy; I'm a big fan of hardening your systems and applications. So why not the browser?
  • Measuring Patch Management - We recently released a SecurityCenter dashboard which tracks how successful your patch management strategy is in your environment. This is an important exercise: Constantly measure your patch management effectiveness, and constantly try to improve. What are some things we can do to improve patch management?

New & Notable Plugins

Nessus

Passive Vulnerability Scanner

Tenable Compliance Checks

SecurityCenter Dashboards

Security News Stories

  1. Howto crawl web.xml with ruby to discover servlet urls for a pentest
  2. Delete any Photo from Facebook by Exploiting Support Dashboard | Arul Kumar.V
  3. Researchers: Oracle's Java Security Fails
  4. NSA cracks HTTPS, SSL, 4G smartphone encryption | Digital Trends
  5. The Router Review: From nmap to firmware | codeinsecurity
  6. Russia's Cybercrime Market Reaches $1.9 Billion
  7. 'Don't Travel Abroad' Russia warns Hackers
  8. Red Hat CIO Takes an Open-Source Approach to Security and BYOD
  9. People the weakest link in security
  10. 5 Signs Of Trouble In Your Network
  11. Android malware spotted hitching a ride on mobile botnet

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.