Update on Nessus SCADA Checks
Digital Bond has placed screen shots of the SCADA checks for Nessus under development in their blog. Below is a screen shot of some of the plugins being developed for the new "SCADA" family.
The research for the SCADA plugins has yielded four types of SCADA plugins:
- device specific checks for Modicon PLCs
- application specific checks for Windows OS based SCADA components (through Windows RPC calls)
- protocol specific checks to find COTP and Modbus
- checks for known SCADA vulnerabilities
These checks will be available to Nessus Direct Feed subscribers and Security Center users.
Tenable has already implemented many SCADA protocol decodes in the Passive Vulnerability Scanner. The PVS can be placed inside or on the perimeter of a network running SCADA protocols and passively determine both SCADA specific applications and generic vulnerabilities. Tenable has a webinar about this subject this Friday at 3:00 PM EST. Tenable has also produced a white paper on protecting and monitoring SCADA networks with both active and passive vulnerability auditing.
Are You Vulnerable to the Latest Exploits?
Enter your email to receive the latest cyber exposure alerts in your inbox.