It was a long summer and fall months; nevertheless, we are back at it. This is the "lost" episode and final for 2020. We will try to be more regular in 2021.Happy New Year! & Stay Safe!In this episode, Gavin and I discuss what we have been up to over the last several months as we'll discuss some major improvements/innovations here at Tenable.
Show notes:
On this episode, we talk about November Patch Tuesday - Satnam highlights some of the vulnerabilities and we discuss the new, limited format for the advisories from Microsoft. Our guest this month is Grant Dobbe who gives us a crash course on compliance benchmarks and how to pick the right one for you. The key lesson: don’t try to put a jet engine on a Cessna.
This month, Luke is back and he and Satnam have a lot to say about security advisories. As always, we walk through the latest vulnerability news - specifically diving into “Zerologon” and “Bad Neighbor” as well as multiple alerts from CISA. Many advisories recently were focused on chaining vulnerabilities, providing insight into how attackers are actually leveraging bugs in real attacks.
We kick things off with this month’s vulnerability news as well as some primary research Satnam has done into questionable advertisements on TikTok. Then, we speak with Justin Brown about the joys of audit and compliance. Specifically, he talks about how his team works to develop and improve over 100,000 configuration checks.
Our guest this month is Luke Tamagna-Darr and he tells us about some of the automation projects his team is working on, including predicting CVSS vectors when they are missing from vulnerability descriptions. As always, Satnam walks us through the latest vulnerability news as well as the work Tenable Research has done to identify devices impacted by Ripple20.
Tenable Research on Medium - https://medium.com/tenable-techblog
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Choose Your Subscription Option:
Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
$3,578
Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.
Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.
Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.
Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.
Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.
Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.
Continuously detect and respond to Active Directory attacks. No agents. No privileges. On-prem and in the cloud.