Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Network Security Podcast - Episode 78

Welcome to the Tenable Network Security Podcast - Episode 78

Hosts: Paul Asadoorian, Product Evangelist, Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

  • SCADA: Security is Only One Part of Availability - While this may be true, how do you measure the likelihood of events causing disruptions to service? This is where I like to see threat modeling come into play, but it's tricky business. While some events are immediately recognizable as disruptions, such as a tsunami, what about attacks that are much more stealthy, until such time they cause a disruption?
  • Network security blunders: Tales from the field - Wow, I've made some of the same blunders talked about in this article. Even more, it makes me question the effectiveness of firewalls. Managing a firewall is not an easy thing, and with attackers using methods that are extremely firewall-aware, I'm suggesting that our efforts are better spent in other areas of security (process monitoring, event management) and simplify the firewall rules and management.
  • Open-Source Tool Similar to Maltego - Information gathering is a critical part of in-depth security assessments, and it's great to see tools out there to help people perform this service. Also, if you are defending a network it is a good idea to see what these tools return. You might be surprised just how much information is available about your organization.
  • "Shairport" - Apple Private Key Exposed - Turns out Apple uses the same private key on all Airport Extreme products.
  • Dropbox Found Using Host ID For Authentication - A host ID is used for authentication and is unique per machine, but can be easily stolen and re-used.

Download Tenable Podcast Episode 78