Devices, Devices, Devices - Plugins this week cover Cisco NAC devices, Cacti, iLO, and Apple Airport vulnerabilities. I think it's great that we're releasing plugins to cover these types of devices. We've talked about it before, and I can't stress it enough – you must scan, patch, and then scan again all of the devices in your your network. The SQL injection vulnerability in the Cisco NAC controller is interesting. To me, that screams "NAC bypass," and if your NAC is easy to bypass, why have one at all?
Locking Down the Browser - Browser vulnerabilities seem to have patches come out almost every week, and the user is a huge target for attackers. We released a .audit file for Chrome browsers. This is a great strategy; I'm a big fan of hardening your systems and applications. So why not the browser?
Measuring Patch Management - We recently released a SecurityCenter dashboard which tracks how successful your patch management strategy is in your environment. This is an important exercise: Constantly measure your patch management effectiveness, and constantly try to improve. What are some things we can do to improve patch management?
Try Tenable.io free for 60 days. Protect your organization from WannaCry, NotPetya and other ransomware cyberattacks. Get Started
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.