Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Josef Weiss

Josef Weiss's picture
Josef Weiss is a Senior Software Engineer at Tenable, and expertly tracks vulnerabilities, threats, and cybersecurity risks and manages processes & dependencies around detecting such events. Josef is also responsible for identifying new or potentially new threats (for example vulnerabilities or malware) and monitoring levels of threat activity. The typical day includes researching and documenting vulnerabilities and cyber-attacks, including techniques being used by responsible parties. This cyber intelligence is used to ensure that Tenable Research reacts appropriately to any new or existing threats. Prior to joining Tenable, Josef’s experience spanned over 19 years in information security. He has worked as a security engineer and architect for the Big 4, several major universities, large healthcare organizations and the telecommunications industry. Josef, who holds many certifications, is a Certified Information Systems Security Professional (CISSP), and a Python programmer.
SC Dashboard
Wednesday, May 18, 2016

According to published data in the Verizon Data Breach Investigation Report (DBIR), missing patches with associated Common Vulnerabilities and Exposure (CVE) IDs accounted for a large number of exploits. A CVE is a dictionary of publically known information about security vulnerabilities and exposures, maintained by the Mitre Corporation, and funded by the National Cyber Security Division of the United States Department of Homeland Security. Applying the appropriate vendor patch can typically mitigate these vulnerabilities.

SC Dashboard
Wednesday, May 18, 2016

Databases can potentially store valuable data for an organization that may not have daily database activity monitoring mechanisms in place. Database management systems can have vulnerabilities, which attackers can exploit to retrieve the organization’s data. This dashboard assists analysts with the identification of database management systems, database vulnerabilities, and information to assist in reducing vulnerabilities.

SC Report Template
Thursday, April 14, 2016

The ability to detect active user accounts and executed commands across hosts is very useful for analyzing system activity, as well as assisting in the identification of activity that may be malicious in nature. Being able to alert on active users and executed commands can be helpful in maintaining a secure environment. This report presents information on active users and issued commands executed across hosts within the environment.

SC Report Template
Thursday, April 7, 2016

The ability to detect unique processes across hosts is very useful for identifying new changes, as well as executables created by malicious software. Many types of malicious software create executables with random file names, being able to alert on those is key is maintaining a secure environment. This report presents information on unique processes and new commands that have been detected in the environment.

SC Dashboard
Friday, February 26, 2016

Monitoring the status of multiple security devices can be a challenge for security teams. The pressure to track down and remediate vulnerabilities often overshadows the routine tasks to ensure the health of the security devices. This dashboard provides administrators a platform for monitoring the health and status of their Nessus scanners, Passive Vulnerability Scanners (PVS) and Log Correlation Engines (LCE) through their connection to SecurityCenter.

SC Report Template
Thursday, February 25, 2016

Hosts that contain unsupported or unauthorized software within an organization’s environment is risky and may have dangerous consequences. Unsupported software is no longer compliant with regulatory obligations while unauthorized software may create other organizational risks. This report identifies hosts that are found to have unsupported and unauthorized applications installed.

SC Report Template
Thursday, February 18, 2016

Adobe products are widespread, and Flash is a favorite target of exploit kits, with many of the top exploits targeting flash and other Adobe product vulnerabilities. Understanding what vulnerabilities exist better informs and prepares organizations to which patch management functions need to be addressed. This report provides details on flash vulnerabilities as well as other Adobe products for Windows and Mac OS systems.

SC Report Template
Thursday, February 4, 2016

Hosts that contain unsupported software or operating systems within an organization’s environment are risky, and may have dangerous consequences. Patches for new vulnerabilities in unsupported software will no longer be available, and unsupported software is no longer compliant with regulatory obligations. This report identifies hosts that are found to have unsupported operating systems or applications installed.

SC Dashboard
Thursday, January 21, 2016

Netstat displays active connections for Transmission Control Protocol (TCP), and lists the ports on which the computer is listening. Netstat is useful for displaying statistics and enumerating open ports on a given host and across multiple platforms. This dashboard utilizes Nessus netstat plugins to enumerate open ports via SSH and WMI.

SC Dashboard
Thursday, January 14, 2016

Securing assets appropriately is a common goal of any information security program. The Center for Internet Security (CIS) provides industry best practices to help organizations improve their security posture. The CIS Linux and Unix dashboard is designed to display the overall compliance status of the network based on Tenable's certified Center for Internet Security (CIS) Linux and UNIX Configuration Benchmark audits.

Pages

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.