Tenable Blog

Have you ever been in the situation where you have found a server or desktop Windows system that was infected with a virus, Trojan, rootkit or malware and you wanted to scan your network to see if other systems had similar issues?  Nessus ProfessionalFeed and Security Center users can leverage the compliance auditing features of Nessus to look for evidence of hostile software on their network.

Background

The videos from the January DojoSec meeting are now online. Marcus Carey's introduction, Dale Beauchamp's talk on memory forensics and my talk on all things related to compliance and IT are available on Vimeo. To watch the talks, click below. My talk is 45 minutes and it should make you think hard about how to articulate compliance, configuration management, and mono-cultures to your management or your team.

I was recently asked by Carpathia Hosting to contribute to an eBook being written by their CTO, Jon Greaves. The book is titled 'The Datacenter of the Future'. 

The initial chapter describes the evolution of security and privacy as we've progressed from issues such as the Morris worm of 1988 to today's "it's in the cloud" attitude. There are some very good insights in the chapter which explain how the past evolution of technology will influence the types of offerings ISPs and hosting companies will provide in the next decade.

Microsoft recently released a critical security bulletin, MS08-067 that described a privately reported vulnerability in the Server service and provided a patch for this vulnerability. What was unusual was that this bulletin was released independently of Microsoft’s usual patch notification process and caused quite a bit of concern for many organizations. Tenable used this opportunity to help a number of organizations monitor their networks to determine if this issue had been mitigated.