Tenable Network Security Podcast Episode 144 - "Scary Security Stories"

Welcome to the Tenable Network Security Podcast Episode 144

Announcements

Special: Scary Security Stories

IStock 000021577650XSmall

The Tenable podcast cast and crew will fill you in on some of their favorite horror stories!

Continue reading "Tenable Network Security Podcast Episode 144 - "Scary Security Stories"" »

 

Nessus Scanning Windows 8 Hosts

Windows8

The new Windows 8 interface provides a very different user experience than past Microsoft operating systems. Nessus can enumerate and detect vulnerabilities on Windows 8 hosts.

Recently, Microsoft made several announcements surrounding new technology, including a new operating system (Windows 8) and a new tablet platform called "Surface." Windows 8 will present a new interface and several new changes under the hood. They're an offshoot of the new platform called Windows RT, a small, fast, and lightweight version designed to run on ARM-based tablets. In fact, this is much of the reason behind the concept of Windows 8 -- it’s meant to run on tablets and touch screens. Windows Phone 8 is the new OS for Windows-based phones, such as those from Nokia.

Continue reading "Nessus Scanning Windows 8 Hosts" »

 

Nessus Scanning Strategies for Consultants

Nessus helps consultants perform a wide variety of security assessment services for their clients. This blog entry describes how many of the new features Tenable has added to Nessus over the past few years dramatically alter the types of services that can be provided during an assessment.

 

Continue reading "Nessus Scanning Strategies for Consultants" »

 

Monitoring the Life of a Java Zero-Day Exploit with Tenable USM

Not too long ago, CVE-2012-4681 (US-CERT Alert TA12-240A and Vulnerability Note VU #636312) was issued for a flaw discovered in Oracle Java (JDK and JRE 7 U6 and before), as well as version 6 U34 and before.

This is a client-side vulnerability, which requires a user to initiate activity to be exploited. I will avoid dissecting the flaw in detail, as this information is widely available on the Web (a particularly good write-up is here).

Keep in mind that Java is platform independent, and so is this exploit. The example here uses Internet Explorer on Windows 7 (with Java SE 7u3). However, Linux and OS X users shouldn’t feel excluded on this one!

With Tenable's Unified Security Monitoring (USM) platform, comprised of SecurityCenter (SC), the Passive Vulnerability Scanner (PVS), and the Log Correlation Engine (LCE), we can track this exploit from start to finish.

Continue reading "Monitoring the Life of a Java Zero-Day Exploit with Tenable USM" »

 

Tenable Network Security Podcast Episode 143 - "SSL Monitoring, Good Security Habits"

Welcome to the Tenable Network Security Podcast Episode 143

Announcements

New & Notable Plugins

Nessus

Continue reading "Tenable Network Security Podcast Episode 143 - "SSL Monitoring, Good Security Habits"" »

 

Uncovering SSL Anomalies In Your Network Using SecurityCenter

Looking in More than One Place

Nessus, PVS, and LCE offer several methods for auditing SSL protocol usage on your network(s). SSL is commonly used to secure websites, but also protects email, file sharing, and many other services. This post lists some generic SSL capabilities found in all Tenable products, and shows how you can combine them to generate useful reports and dashboards.

On the vulnerability identification side, Nessus uncovers many issues with SSL certificates, such as outdated certificates, unsigned certificates, and much more (see the screenshot below for more examples). SSL implementations shipped with appliances often use unsigned certificates, and rely on the administrator to install their own valid certificate. Without a properly signed certificate, man-in-the-middle attacks become considerably easier. If you’re an e-commerce shop, improper SSL implementations will also cause you to become non-compliant with PCI DSS standards.

SSLNessuplugins sm

A sample of Nessus plugins associated with identifying problems with SSL certificates. (Click for larger image)

Continue reading "Uncovering SSL Anomalies In Your Network Using SecurityCenter" »

 

#1 Nessus is an Enterprise Tool - Top Ten Things You Didn't Know About Nessus

The final installment in our "Top Ten Things You Didn't Know About Nessus" video series describes how Nessus is used in the enterprise. Additional products from Tenable, such as, SecurityCenter, the Passive Vulnerability Scanner (PVS), and the Log Correlation Engine (LCE), are used to fill the gaps and extend the functionality of your vulnerability management program.

The video covers how you can overcome problems such as:

  • Launching scans that will run faster and fit into your maintenance windows and patch management cycles
  • Allowing different groups within your organization to manage their own scans
  • Creating Dashboards and Report Templates targeted at different audiences
  • Using PVS to provide real-time coverage for your vulnerability management program
  • Discovering attacks using LCE


You can view all 10 videos in the series on our YouTube Channel using the playlist "The Top Ten Things You Didn't Know About Nessus".

 

Tenable Network Security Podcast Episode 142 - "Tivoli Endpoint Manager Support, Threat Intelligence"

Welcome to the Tenable Network Security Podcast Episode 142

Announcements

Continue reading "Tenable Network Security Podcast Episode 142 - "Tivoli Endpoint Manager Support, Threat Intelligence"" »

 

Nessus Patch Management Integration Now Supports IBM Tivoli Endpoint Manager

Nessus and SecurityCenter now support Tivoli Endpoint Manager (TEM) as a patch management platform in which patch-level information can be extracted for given scan targets.

Nessus Patch Management Support

We are pleased to announce new support for IBM Tivoli Endpoint Manager (TEM) for Patch Management (formerly known as BigFix). This new capability allows us to use the information gathered by TEM from systems where we may not have credentials or we’re unable to reach such systems over the network. The TEM integration is configured similarly to our integration with other patch management solutions where credentials and the server IP address/hostname are provided so Nessus can retrieve the patch information for the hosts targeted in the scan.

In addition to TEM, Nessus and SecurityCenter also integrate with the following popular patch and system management solutions:

  • Microsoft Windows Server Update Services (WSUS)
  • Microsoft System Center Configuration Manager (SCCM) 2007
  • Red Hat Network Satellite Server
  • VMware Go (formerly known as Shavlik)

In order to make use of this feature, be certain you've configured TEM properly. Refer to this discussion post for more information and instructions.

Continue reading "Nessus Patch Management Integration Now Supports IBM Tivoli Endpoint Manager" »

 

Analyzing Nessus Detected Malicious Processes Activity with the Log Correlation Engine

The data from Nessus malicious process checks can be immediately leveraged by SIEM and log search tools. In this blog post we will consider a very basic example of how a computer infected with the GameVance adware can be analyzed with the Log Correlation Engine (LCE).

Continue reading "Analyzing Nessus Detected Malicious Processes Activity with the Log Correlation Engine" »

 

Tenable Network Security Podcast Episode 141 - "Nessus HTML5 Beta, Default Accounts, Stuxnet Redux"

Welcome to the Tenable Network Security Podcast Episode 141

Announcements

Continue reading "Tenable Network Security Podcast Episode 141 - "Nessus HTML5 Beta, Default Accounts, Stuxnet Redux"" »

 

Nessus HTML5 Interface Beta Available!

Until now, the Nessus interface has been using Flash, which has a number of advantages as a development platform, but also has a lot of drawbacks. One of the reasons we implemented a Flash interface for Nessus was that Flash "behaves the same on every browser" (which turns out is not always the case), and it was reasonably fast to run the client (it's now outperformed by the newest javascript engines). Flash also doesn't offer a good "mobile" user experience, if at all. So, it makes sense to use a standard-based technology, and we're moving to HTML5.

So we've released the HTML5 interface as a public beta -- the default Nessus interface will still be Flash for now, but if you connect to your scanner using a browser which doesn't have Flash installed, or if you go directly to the correct URL, you'll have the option to use the beta version of the HTML5 client.

The HTML5 beta interface is available immediately by accessing the URL https://localhost:8834/html5.html (where localhost is the IP address or domain name of your Nessus server). Simply make sure your Nessus plugins are up-to-date.

Continue reading "Nessus HTML5 Interface Beta Available!" »

 

Nessus 5.0.2 Available

Nessus 5.0.2 has been released and is available at http://www.nessus.org/download/. This update is largely a bugfix release, however a new build for Solaris 10 is now available. 

The major issues addressed in 5.0.2 include enhanced support for UTF8 encoding problems in reports and the detection of network congestion errors during scans more conservatively. For a full list of addressed issues, please review the 5.0.2 availability announcement at the Nessus Discussion Forums. 

 

Tenable Network Security Podcast Episode 140 - "DHCPv6 Attacks, Data Breaches, and Wipeouts"

Welcome to the Tenable Network Security Podcast Episode 140

Announcements

New & Notable Plugins

Nessus

Continue reading "Tenable Network Security Podcast Episode 140 - "DHCPv6 Attacks, Data Breaches, and Wipeouts"" »

 

DerbyCon 2012 Nessus User Group Meeting

DerbyCon 2.0 - The Reunion

While I'll do my best not to get "all sentimental," it seems you just can't help it when you're writing about the DerbyCon security conference. DerbyCon takes place each September in Louisville, KY, and has grown to house over 1500 hackers and security professionals in a relaxed and fun environment. There was plenty to do, including visit the lock pick village, be transformed into a zombie by a professional make-up artist, attend a wide array of talks, and much more.

The conference truly feels like you're getting together with your friends and family. Throughout the entire conference, even through the wee hours of the morning, folks were gathered in the hallways and lobbies talking about security, educating each other, and sharing ideas. The presentations received excellent reviews, and ran the gamut from big-name speakers, such as Jeff Moss and Kevin Mitnick, to lesser-known folks sharing some cutting-edge research.

If you want to read more about DerbyCon, you can visit their web page and view videos of all the talks on Irongeek's website.

Continue reading "DerbyCon 2012 Nessus User Group Meeting" »

 

Auditing Open Ports on Windows Systems Using Nessus

Tenable recently released three new checks used for auditing the configurations of Windows systems. The new configuration auditing options allow users to audit open ports. This post provides details about the three new checks, and describes how Nessus users could use them to maintain tight control over the number of open ports on their Windows systems.

1. AUDIT_ALLOWED_OPEN_PORTS


This check allows users to audit the list of open ports against an "allowed" list of ports that can be open on a target. For example, let’s assume there is a company policy to only allow SMB ports 445 and 139 to be open on a target. The resulting configuration audit would look as follows:
<custom_item>
type : AUDIT_ALLOWED_OPEN_PORTS
description : "Audit TCP Open Ports"
value_type : POLICY_PORTS
value_data : "445,139"
port_type : TCP
</custom_item>

Continue reading "Auditing Open Ports on Windows Systems Using Nessus" »

 

Tenable Inks Deal With In-Q-Tel

Tenable Network Security announced today it has established a strategic partnership and technology development agreement with In-Q-Tel. In-Q-Tel is the not-for-profit, strategic investment firm that works to identify, adapt, and deliver innovative technology solutions to support the missions of the U.S. Intelligence Community. Under the terms of the agreement, Tenable will develop secure audit and remediation capabilities that will assist intelligence agencies in continuously outpacing emerging cyber threats.

Continue reading "Tenable Inks Deal With In-Q-Tel" »

 

Tenable Network Security Podcast Episode 139 - "IE Vulnerabilities, SecurityCenter Sneak Preview"

Welcome to the Tenable Network Security Podcast Episode 139

Announcements

New & Notable Plugins

Continue reading "Tenable Network Security Podcast Episode 139 - "IE Vulnerabilities, SecurityCenter Sneak Preview"" »

 

Default Credentials: Low-hanging Fruit in the Enterprise

Passwords are Like Underwear, and It's Laundry Day

Perhaps one of the most easily overlooked security problems in the industry is password security. I'm not referring to the stored end-user password problems (discussed here), but the default (or weak) usernames and password combinations used to protect common administrative interfaces to applications and systems.

The problem stares us in the face every day, each time we log into a router, database management system, or remote access console and enter a password. Often we put a lot of time and effort into securing the end user-facing passwords, such as implementing account lockout password policies and forcing them to change their passwords at a regular interval. I find it ironic that the applications and devices used to run the organization often do not implement the same controls. Hundreds of applications and/or devices are known to be deployed with default passwords, and if not changed before or immediately after they are plugged into the network, can present serious risk to the organization.

Lowhangingfruit

Default credentials are considered "low-hanging fruit" for two reasons. First, they are easily exploitable by an attacker and can often lead to a serious security breach. Second, once you've identified the problem, it is easy to fix by setting a more secure password.

Continue reading "Default Credentials: Low-hanging Fruit in the Enterprise" »

 

$50 Million Series A Investment in Tenable from Accel Partners

I am extremely pleased to announce that Tenable has received its first institutional round of funding: a $50 million investment from Accel Partners. The investment will help us continue to develop and improve our solutions and improve our customers’s experience.

Tenable celebrates its 10th anniversary this month. During that time, we’ve made Nessus the number one trusted vulnerability scanner in the world with more than 1 million users across 150 countries. We did this though a combination working closely with our community and continually adding improvements to make our users’s lives easier and through our own innovation to push Nessus to do even more than vulnerability assessments. Today, Nessus not only detects vulnerabilities, it finds malware, botnets, credit cards, configurations that will get you hacked or fined and most recently, issues with your iPhone and Android devices.

Tenable’s SecurityCenter, our enterprise platform for Nessus, has also become the preferred enterprise security solution for nearly 1,000 enterprise customers including the entire U.S. Department of Defense. We have changed the vulnerability management paradigm through our unique combination of scalable network vulnerability monitoring, vulnerability scanning and log management. It has helped our customers break down traditional security silos, have a unified view of their security posture and respond quicker to incidents and audits than was previously thought possible. 

Continue reading "$50 Million Series A Investment in Tenable from Accel Partners" »

 

0-Day Java Vulnerabilities and Dealing with Vulnerable Client Software

0-day or Not, Clients Are Vulnerable

Whenever there is a new vulnerability in popular software found on users’ desktops, such as Java, Adobe Reader, Adobe Flash, or Mozilla Firefox, the media goes into a frenzy and a lot of articles are published on the topic (often not containing much useful information). The most recent case is a particularly nasty vulnerability affecting Oracle Java, which can be successfully exploited on Windows, OS X, and Linux. While this vulnerability is generating buzz, it’s not all that different from any other popular software in use on users’ desktops that contains a vulnerability. Additionally, there is likely a population of exploits for such software that has yet to be disclosed and is being bought and sold on the black market. In fact, journalist Brian Krebs interviewed the creator of the Blackhole exploit kit who stated, "he was surprised that someone would just leak such a reliable exploit, which he said would fetch at least $100,000 if sold privately in the criminal underground."

Furthermore, it has been known for some time that a Java applet can be used to trick clients into running a malicious payload. Functionality within the Social Engineering Toolkit (SET) allows you to construct a fake website and distribute such a payload. The difference is that the user will have to click "Allow" for this action to occur. While this will decrease the success rate of malware deployment using this method, it will work on Windows, OS X, and Linux.

Continue reading "0-Day Java Vulnerabilities and Dealing with Vulnerable Client Software" »

 

Tenable Recognized by Inc. Magazine for Outstanding Growth

Earlier today, Tenable Network Security revealed it had been named as one of the fastest-growing private companies by Inc. Magazine in its annual Inc. 5000 ranking. We're proud to note Tenable's performance — 259% sales growth over a three year period — earned an overall ranking of #15 among security companies, and #19 in the metropolitan Baltimore area.

The Inc. 5000 recognition follows the recent strong positive ranking given Tenable's vulnerability management products by a leading analyst firm, and major business successes — such as the Tenable technology rollout across the whole of the Department of Defense and select Federal Intelligence Agencies as part of the DoD DISA ACAS program.

Tenable was also cited for contributing to job growth, with over 80 positions added to the company's rosters. Additional career opportunities can be researched on Tenable's website.

 

Tenable Network Security Podcast Episode 137 - "Java 0Day, Hiding in Virtual Machines"

Welcome to the Tenable Network Security Podcast Episode 137

Announcements

New & Notable Plugins

Nessus

Continue reading "Tenable Network Security Podcast Episode 137 - "Java 0Day, Hiding in Virtual Machines"" »

 

Tenable Network Security Podcast Episode 136 - "Detecting Breaches, Finding Web Apps"

Welcome to the Tenable Network Security Podcast Episode 136

Announcements

Continue reading "Tenable Network Security Podcast Episode 136 - "Detecting Breaches, Finding Web Apps"" »

Tenable Network Security


The official BLOG of Tenable Network Security and the Nessus vulnerability scanner.