Outstanding Patch Tracking Dashboard
February 7, 2017Editor's note: Our dashboards have been updated in the time since this blog was originally published. Please see this page for the latest guidance on Outstanding Remediation Tracking. The IT Operat...
Installing and Using Nessus on Kali Linux
July 10, 2014Note: These 2014 instructions are for installing Nessus version 5 on Kali Linux. Please see the newer blog, Getting Started with Nessus on Kali Linux, for information on installing Nessus version 6 an...
Using Nessus to Audit Microsoft SharePoint 2010 Configurations
January 23, 2013Trust, but Verify Recently, Tenable added audit files for Nessus ProfessionalFeed users allowing them to audit Microsoft SharePoint server configurations. The audit policy uses both operating system ...
Tenable Releases SecurityCenter Continuous View
August 9, 2012<p>Today, Tenable <a href="http://www.tenable.com/news-events/press-releases/2012-tenable-network-security-unveils-securitycenter-continuous-view" target="_self" title="Tenable Network Security Unveils SecurityCenter Continuous View">announced </a>the availability of a new edition of SecurityCenter, called Continuous View.</p> <p>This edition of SecurityCenter uniquely encompasses both scanning and monitoring, with the inclusion of Tenable's Passive Vulnerability Scanner (PVS). That makes SecurityCenter Continuous View uniquely capable of addressing vulnerability, configuration, and compliance management requirements for emerging technologies like mobile devices, cloud-based services, social applications, and virtual systems.</p> <p>The flexible licensing approach provided by SecurityCenter Continuous View allows enterprise customers to deploy PVS in much the same way as they do with Nessus within SecurityCenter, pretty much as many as needed.</p> <p>Existing SecurityCenter customers can upgrade to a ContinuousView license and begin to enjoy the benefits of continuous monitoring with PVS. These include:</p> <ul> <li>Real-time identification of server and client vulnerabilities </li> <li>Identification of mobile devices and their vulnerabilities </li> <li>Passive discovery of all internal and external web servers and databases </li> <li>Identification of trust and communication paths </li> <li>Passive monitoring of virtual environments </li> </ul>
SecurityCenter 4.2 and Community Dashboard Site Released
May 30, 2011<p><a href="http://blog.tenable.com/.a/6a00d8345495f669e201538ed394cc970b-pi" style="display: inline;"><img alt="FWR_SC" border="0" class="asset asset-image at-xid-6a00d8345495f669e201538ed394cc970b" src="http://blog.tenable.com/.a/6a00d8345495f669e201538ed394cc970b-800wi" title="FWR_SC" /></a>   <br />Tenable Network Security is proud to announce the immediate availability of SecurityCenter 4.2. SecurityCenter is used to centralize and report on system and event data such as vulnerabilities, logs, NetFlow, configurations and more. </p>
Tenable All-Star Showcase - Atlanta - February 22
February 7, 2011 Tenable Network Security will be hosting a half-day security and compliance seminar in Atlanta featuring Marcus Ranum, Ron Gula and Renaud Deraison. This is your chance to interact with Tenable ...
Putting a Virus under the SIEM Microscope Webinar
January 13, 2011 When a virus infected one of my Nessus scan targets, I did what any sensible CEO of a SIEM company would do - let it run and see what types of logs and alerts it generated!Over the 30...
SSL Certificate Authority Auditing with Nessus
December 28, 2010<p>Do you know where all of your organization’s SSL certificates are and if they are providing enough protection to you and your customers? Nessus can be used to identify all SSL certificates in use, test if they are expired and with the advent of plugin # <a href="http://www.tenable.com/plugins/index.php?view=single&id=51192">51192</a>, test that they have been securely signed by a valid certificate authority. This blog entry will review Nessus’s SSL certificate auditing ability and describe how plugin #51192 can help monitor your network for untrustworthy SSL certificates.</p>
Introducing the Nessus Perimeter Service : redefining the cost of online scanning
December 7, 2010 Have you ever wanted to run an external Nessus vulnerability audit of your DMZ but didn’t have access to a Nessus scanner located on the outside of your network? Tenable Network Security now off...
Auditing PHP Settings to OWASP Recommendations with Nessus
March 16, 2009<p>Tenable recently released an audit policy for Linux servers running PHP which tests for hardening recommendations from the Open Web Application Security Project (<a href="http://www.owasp.org/index.php/Main_Page">OWASP</a>). OWASP maintains a set of guidelines for hardening web servers, with specific attention given to <a href="http://www.owasp.org/index.php/Configuration#PHP_Configuration">PHP</a> and Cold Fusion technologies.</p><p> </p>
Nessus turns 10 !
April 4, 2008Ten years ago today, I announced the initial public release of Nessus on the bugtraq mailing list. The initial version would run only on Linux and was bundled with 50 plugins (vulnerability checks) wr...
Using Nessus Configuration Audits To Test FDCC Compliance
September 25, 2007Tenable has recently announced FDCC audit policies for Nessus ProfessionalFeed and Security Center users. These policies help government organizations test Windows XP Pro and Vista desktops against OM...