11 posts from January 2011

 

Passively Detect all of your Exploitable Vulnerabilities - PVS 3.4 Released

I'm happy to announce the release of version 3.4 of the Passive Vulnerability Scanner. Tenable recommends that all current PVS customers upgrade to this version as it has major performance enhancements and exploitability reference data in the vulnerability reports. 

Continue reading "Passively Detect all of your Exploitable Vulnerabilities - PVS 3.4 Released" »

 

Nessus App for iPhone - The Video

The Nessus App for iPhone is a great way to keep tabs on running Nessus scans, initiate new scans, and quickly review vulnerability scanning results. The app is available for free in the iTunes store and works with Nessus server versions 4.2 or later and the Nessus PerimeterService. Below is a short video showcasing its features:

You will need an iPhone, iPad, or iPod touch running iOS 4.0 or later in order to run the app.

 

Tenable Network Security Podcast - Episode 67

Welcome to the Tenable Network Security Podcast - Episode 67

Hosts: Paul Asadoorian, Product Evangelist & Carlos Perez, Lead Vulnerability Researcher

Announcements

Stories

  • Shmoocon Preview - Twice the Mobile (in)Security - The trend has been heating up for a while now, and it's just about ready to boil over and send people screaming, panic stricken, as attackers take hold of their mobile devices. I believe Google's Android and Apple's iPhone have put the "smartphone" front and center as the most popular piece of technology we use in our everyday lives. For the attackers and the security community alike, this means we must find ways to hack it. The motives are of course different: the security community wants a safer place, and the attackers want to profit.

Continue reading "Tenable Network Security Podcast - Episode 67" »

 

Nessus: Mythbusters Edition

I've recently been doing a bit of research into the history of Nessus. I discovered that the first version of Nessus was published in 1998, and any time software has been around for that long there are bound to be some myths and misconceptions that develop as fast as new features over the years. This post will explain some common myths and set the record straight.


While we did not generate any large explosions for this post, I dove across the office, just because.

Continue reading "Nessus: Mythbusters Edition" »

 

Tenable and SCAP 1.1

Tenable recently announced that SecurityCenter 4 has been validated by NIST as conforming to the Security Content Automation Protocol (SCAP) version 1.0. The specifications for the latest version of SCAP, 1.1, have recently been released through NIST’s third public draft of Special Publication 800-126 Rev. 1, and the revision is currently open until January 28 for public comment on implementation, content or functional issues within the specification. Tenable is already focusing on the changes included in SCAP 1.1 and will incorporate them into both SecurityCenter and Tenable’s xTool, which is used to parse XCCDF SCAP content available from NIST and also convert SecurityCenter reports into the FDCC reporting format.

Continue reading "Tenable and SCAP 1.1" »

 

Tenable Network Security Podcast - Episode 66

Welcome to the Tenable Network Security Podcast - Episode 66

Hosts: Paul Asadoorian, Product Evangelist

Announcements


Continue reading "Tenable Network Security Podcast - Episode 66" »

 

Putting a Virus under the SIEM Microscope Webinar


When a virus infected one of my Nessus scan targets, I did what any sensible CEO of a SIEM company would do - let it run and see what types of logs and alerts it generated!

Over the 30 days that I let it run, I was able to collect a wide variety of interesting data. This included suspicious Windows application logs, internal network scans, communication anomalies, attempts to break into other lab computers and "classic" outbound connections to various IRC channels. It even modified how logins worked, breaking my Nessus patch audits.

Attendees of this webinar will learn about various detection methods that can be used with SIEMs to look for malicious software and computers infected with hostile code. 

Putting a Virus under the SIEM Microscope
Wednesday, January 26 2:00 PM EST
https://www1.gotomeeting.com/register/178513273

 

 

 

 

Microsoft Patch Tuesday Roundup - January 2011

The first Microsoft bulletin of the year, MS11-01, only affects Windows Vista and is classified by Microsoft as "important". For those not running Vista, this patch can safely be ignored. It’s easier for smaller organizations to keep up with operating system upgrades and patches on desktop systems. However, if your organization has over 10,000 desktops, upgrading all of them is a daunting task. I really like the idea of using "cloud computing" for this purpose. Yes, I’m suggesting that we use “cloud computing” to improve security! However, in this case, I am talking about a cloud that operates and is managed within the organization, not by a third party. If you are planning on putting your applications and data in, for example, Amazon’s cloud, then you are outsourcing your security to Amazon. It may be better to implement your own cloud to control the security and data. Rather than hosting all of your software and data on a laptop or desktop, the laptop or desktop just gives you access to the applications and data. This is not a new concept, but as more and more laptops will be lost or stolen and client-applications will have vulnerabilities, I believe it’s a logical solution to the problem.


While many talk about the dangers of the cloud, can we actually use the cloud to improve security?

Continue reading "Microsoft Patch Tuesday Roundup - January 2011" »

 

Tenable Network Security Podcast - Episode 65

Welcome to the Tenable Network Security Podcast - Episode 65

Hosts: Paul Asadoorian, Product Evangelist & Carlos Perez, Lead Vulnerability Researcher

Announcements

Continue reading "Tenable Network Security Podcast - Episode 65" »

 

Tenable Network Security Podcast - Episode 64

Welcome to the Tenable Network Security Podcast - Episode 64

Hosts: Paul Asadoorian, Product Evangelist, and Ron Gula, CEO/CTO

Announcements


Continue reading "Tenable Network Security Podcast - Episode 64" »

 

Log Correlation Engine 3.6 – Now with its own GUI

Tenable Network Security has released version 3.6 of the Log Correlation Engine. This new version includes many performance enhancements as well as its own web-based user interface. This blog entry describes the new user interface, the increased performance and the new features of LCE 3.6.

Continue reading "Log Correlation Engine 3.6 – Now with its own GUI" »