Welcome to the Tenable Network Security Podcast - Episode 2
- New videos on finding Rogue access points and discovering the latest IIS 5 FTP vulnerability uploaded http://tenablesecurity.blip.tv
- The Tenable appliance was announced, featuring immediate support for Nessus & Security Center, and future support for PVS and LCE
- As always be sure to check out our blog at http://blog.tenablesecurity.com
Interview: Marcus Ranum on Zero Day Exploits: Defending Your Network
- If you are speaking to the security professionals responsible for network security, what can you tell them about "0day" exploits that is helpful?
- Does the media over-hype so-called "0Day" exploits?
- Why is that remote exploits garner so much attention, I mean XSS vulnerabilities are found everyday and no one seems to notice, yet find a juicy exploit in a commonly exposed network service and everyone goes bonkers?
- Many people are asking, "Who still uses FTP?". This is a common theme that I see even today, large organizations with mature security architecture using clear-text protocols such as Telnet, FTP, and TFTP, why? What can they do to expedite the usage of secure protocols, or does this even matter?
- What is missing from most organization's security architecture, in your opinion, that would work to thwart "0day" or even the most common exploits?
- How do economics work against us when it comes to 0day exploits? For example, there are companies that will hold on to, and sell, "0day" exploits, and there are others that will buy "0day" exploits and work with the vendors to fix them.
We also interview Dan Philpott from FISMApedia!
- New Version of the popular Subseven trojan released
- Microsoft Warns Of IIS FTp Flaw - Offers workarounds and cookies (okay, just workarounds)
- Upgraded to Snow Leopard? Time to upgrade Adobe Flash too!
- Ron Gula will be speaking at the Hacker Halted conference in Miami on September 23, 2009
- Marcus Ranum is speaking at Forrester's Security Forum on September 10, 2009
- Paul Asadoorian and others from Tenable Network Security will be attending Cyber Dawn Cyber Exercise on October 3-4, 2009