Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Update on Nessus SCADA Checks

Digital Bond has placed screen shots of the SCADA checks for Nessus under development in their blog. Below is a screen shot of some of the plugins being developed for the new "SCADA" family.

Scadachecks

The research for the SCADA plugins has yielded four types of SCADA plugins:

  • device specific checks for Modicon PLCs
  • application specific checks for Windows OS based SCADA components (through Windows RPC calls)
  • protocol specific checks to find COTP and Modbus
  • checks for known SCADA vulnerabilities

These checks will be available to Nessus Direct Feed subscribers and Security Center users.

Tenable has already implemented many SCADA protocol decodes in the Passive Vulnerability Scanner. The PVS can be placed inside or on the perimeter of a network running SCADA protocols and passively determine both SCADA specific applications and generic vulnerabilities. Tenable has a webinar about this subject this Friday at 3:00 PM EST. Tenable has also produced a white paper on protecting and monitoring SCADA networks with both active and passive vulnerability auditing.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.