Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Network Security Podcast Episode 195 - "Critical AND Exploitable"

Paul Asadoorian
January 23, 2014 • 2 Min Read
by Paul Asadoorian 
Blog Home /

Announcements

Discussion & Highlighted Plugins

  • Discovering New Hosts - At a recent presentation, someone asked me how one can detect new hosts. Tenable has many products that work towards detecting new hosts. One can do this passively by monitoring network traffic with PVS, via Nessus by enumerating virtual machines from virtualization servers, and by looking at the logs collected by LCE. How do you pull all this information together and act on it?
  • Critical AND Exploitable - Severity rating vulnerabilities is tricky business. How do you rate the risk? The threat? What's the difference? Math aside, there is something to be said for a vulnerability in your environment. One thinks we should fix all of these ASAP, or should we?
  • Scanning the ICS Village - Recently, we scanned an entire lab of security products and SCADA devices. The results were impressive. We generated more than 3GB of network traffic, and all scans completed successfully and enumerated several vulnerabilities. While some of the SCADA plugins were written some time ago, they are still very effective at enumerating vulnerabilities against SCADA devices, and even support ModBus. Read the full post.

Nessus

Passive Vulnerability Scanner

Note: Passive Vulnerability Scanner (PVS) is now Nessus Network Monitor. To learn more about this application and its latest capabilities, visit the Nessus Network Monitor web page.

SecurityCenter Apps

Dashboards

Reports

Security News Stories

  1. Hacking Risk Grows for Outdated ATMs
  2. Apple's Very Different BYOD Philosophy
  3. A Walk Through the ICS Village
  4. HealthCare.gov security -- 'a breach waiting to happen' | Security & Privacy - CNET News
  5. Microsoft will furnish malware assassin to XP users until mid-2015
  6. Hacker Turns Mouse Into a Webcam
  7. Introduction to Anti-Fuzzing: A Defence in Depth Aid | NCC Group
  8. The Changing Face Of The IT Security Team

 

 

Paul Asadoorian

Paul Asadoorian

As founder and CEO of Security Weekly, Paul remains one of the world’s foremost experts on all things cybersecurity. Security Weekly is a one-stop resource for podcasts, webcasts and other content, informing community members about penetration testing, vulnerability analysis, ethical hacking and embedded device testing. Previously, Paul served as a lead IT security specialist for Brown University, and as an instructor with The SANS Institute.

Related Articles

Understanding Tenable Plugins

February 28, 2017

Are you pluggin’ along looking for vulnerabilities? The heart of Tenable vulnerability detection comes from the individual tests called plugins – simple programs that check for specific flaws. Each pl...

Ron Meldau

Ron Meldau

Tenable Delivers LCE 5.0.0

January 24, 2017

Tenable is pleased to announce a major update to the Log Correlation Engine® (LCE®), making it easier to scale horizontally to meet growing organizational demands on performance and redundancy. Additi...

Mike Davidson

Mike Davidson

GRIZZLY STEPPE Detection with SecurityCenter

January 5, 2017

Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page. Governments and businesses around the world are ...

Mehul Revankar

CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited

April 23, 2024

A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.

Satnam Narang

Satnam Narang

Operational Technology in the DoD: Ensuring a Secure and Efficient Power Grid

April 19, 2024

In an evolving threat landscape, the DoD must make sure that its mission-critical operations don’t experience power outages.

Zach Bennefield

Zach Bennefield

Cybersecurity Snapshot: Cyber Agencies Offer Secure AI Tips, while Stanford Issues In-Depth AI Trends Analysis, Including of AI Security

April 19, 2024

Check out recommendations for securing AI systems from the Five Eyes cybersecurity agencies. Plus, Stanford University offers a comprehensive review of AI trends. Meanwhile, a new open-source tool aims to simplify SBOM usage. And don’t miss the latest CIS Benchmarks updates. And much more!

Juan Perez

Juan Perez

  • LCE
  • Nessus
  • Nessus Network Monitor
  • Podcast
  • SCADA
  • Vulnerability Management

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try for Free Buy Now

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller
Try for Free Buy Now

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller