Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Josef Weiss

Josef Weiss's picture
Josef Weiss is a Security Response Manager at Tenable, and expertly tracks vulnerabilities, threats, and cybersecurity risks and manages processes & dependencies around detecting such events. Josef is also responsible for identifying new or potentially new threats (for example vulnerabilities or malware) and monitoring levels of threat activity. The typical day includes researching and documenting vulnerabilities and cyber-attacks, including techniques being used by responsible parties. This cyber intelligence is used to ensure that Tenable Research reacts appropriately to any new or existing threats. Prior to joining Tenable, Josef’s experience spanned over 19 years in information security. He has worked as a security engineer and architect for several major universities, large healthcare organizations and the telecommunications industry. Josef, who holds many certifications, is a Certified Information Systems Security Professional (CISSP), and a Python programmer.
SC Report Template
Friday, August 5, 2016

Operational requirements often limit the ability to continuously scan devices, or to ensure 100% coverage of active scanning, therefore passive scanning allows organizations to continuously detect vulnerabilities, devices, services, and attacks. Passive monitoring provides a wealth of information, and providing a high-level overview or summarizing the information can be a time consuming task. Information contained in this executive report summarizes this large amount of passive data, providing an overview of passively detected vulnerabilities within the organization.

SC Dashboard
Friday, July 29, 2016

Real-time continuous monitoring of network traffic with Tenable Nessus Network Monitor (NNM ) and Tenable Log Correlation Engine (LCE), equips analysts with the required metrics to spot problems and immediately implement solutions. While monitoring network traffic, NNM decodes applications to find vulnerabilities and forwards those to LCE, which normalizes the data. Being able to view real-time metrics in key areas helps organizations identify potential problems, which may have been overlooked otherwise, and take measures to actively prioritize remediation efforts.

SC Report Template
Tuesday, July 26, 2016

Tenable Network Security has been certified by the Center for Internet Security (CIS) to perform a wide variety of Unix, Windows, and application audits based on the best practice consensus benchmarks developed by CIS. These best practice benchmarks contain recommended security settings designed to harden servers and applications against attack while still maintaining operational ease of use.

SC Dashboard
Thursday, June 16, 2016

Questionable content can be defined as content that may be unauthorized, objectionable, or offensive. Many times questionable content may also be a path to phishing campaigns, in which attackers masquerading as other entities attempt to acquire sensitive information from end users. This dashboard presents information on possible questionable web content hosted on the network, and can assist in finding malicious web sites hosted on the network.

SC Dashboard
Wednesday, June 1, 2016

A botnet is a group of computers, often called nodes or zombies, which have been exploited and can be remotely controlled by an attacker. Botnets are easily concealed as they are primarily designed to operate in the background, with very little evidence of their existence. The Botnet Activity dashboard displays active and passive botnet detections, botnet and malicious process indicators, as well as threatlist events, to assist the analyst in determining whether any potential botnet activity is present on the network.

SC Dashboard
Friday, May 27, 2016

A good vulnerability management program requires that an organization also know the software installed on its systems. This dashboard and its components provide information to analysts about software that is discovered on the network.

SC Dashboard
Wednesday, May 18, 2016

According to published data in the Verizon Data Breach Investigation Report (DBIR), missing patches with associated Common Vulnerabilities and Exposure (CVE) IDs accounted for a large number of exploits. A CVE is a dictionary of publically known information about security vulnerabilities and exposures, maintained by the Mitre Corporation, and funded by the National Cyber Security Division of the United States Department of Homeland Security. Applying the appropriate vendor patch can typically mitigate these vulnerabilities.

SC Dashboard
Wednesday, May 18, 2016

Databases can potentially store valuable data for an organization that may not have daily database activity monitoring mechanisms in place. Database management systems can have vulnerabilities, which attackers can exploit to retrieve the organization’s data. This dashboard assists analysts with the identification of database management systems, database vulnerabilities, and information to assist in reducing vulnerabilities.

SC Report Template
Thursday, April 14, 2016

The ability to detect active user accounts and executed commands across hosts is very useful for analyzing system activity, as well as assisting in the identification of activity that may be malicious in nature. Being able to alert on active users and executed commands can be helpful in maintaining a secure environment. This report presents information on active users and issued commands executed across hosts within the environment.

SC Report Template
Thursday, April 7, 2016

The ability to detect unique processes across hosts is very useful for identifying new changes, as well as executables created by malicious software. Many types of malicious software create executables with random file names, being able to alert on those is key is maintaining a secure environment. This report presents information on unique processes and new commands that have been detected in the environment.

Pages

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.