Digital Bond OPC Hardening Guide
September 21, 2007If you are using Nessus to audit a control system network, Digital Bond has recently released a set of guidelines (part 1, 2 and 3) for securing OPC servers. These guidelines include three Nessus conf...
Finding Sensitive Data as a Consultant with Nessus
August 29, 2007There are many consultants that use Nessus to scan a customer network for vulnerabilities and report a laundry list of security issues which need to be fixed. Another valuable service that can be perf...
CIS Certified Windows 2003 Member Server Audits
August 10, 2007Tenable Network Security was recently awarded Center for Internet Security (CIS) certification to perform audits of Windows 2003 Member Servers through Nessus Direct Feed and/or Security Center agent...
Federally Mandated Configuration Settings for XP and Vista
August 8, 2007The Office of Management and Budget recently released new configuration guidelines for Windows XP and Vista that all Federal agencies need to adopt by February 1, 2008. The guidelines are known as the...
Finding Low Frequency Events
April 23, 2007Very often when I speak with Tenable customers about performing IDS or Event analysis, I ask them if they use the Time Distribution tool under the Security Center. This tool is used to identify any co...
Creating "Gold Build" Audit Policies
September 13, 2006Security Center users and the Direct Feed subscribers have the ability to audit the host-based configuration of their UNIX and Windows servers. Tenable has produced several audit polices based on our ...
3D Tool Video
July 28, 2006Tenable has made the "3D Tool" for the Security Center available. A web-based video of it can be viewed here. The video shows a three dimensional topology graph of some different networks, a...
Tenable and Reconnex
July 24, 2006Tenable's Log Correlation Engine (LCE) can accept events from the Reconnex iGuard. If you are not familiar with products like the iGuard, it is a sophisticated network traffic analyzer that can look f...
SCADA Network Monitoring
July 19, 2006Tenable has produced a set of plugins for our Passive Vulnerability Scanner (PVS) based on the publicly available SCADA IDS signatures from Digital Bond. This allows the PVS to discover which devices ...
Detecting Network Change
July 19, 2006Tenable has recently added several TASL correlation rules which detect a variety of network changes. These rules automatically detect: Changes to servers such as new software and added patches C...
CentOS Patch Auditing
July 19, 2006Tenable is now tracking patch updates to the CentOS Linux operating system. The Nessus Direct and Registered feeds are now updated with host-based patch audits for CentOS. There are more than 200 audi...
Detecting when Credentials Fail
July 19, 2006If you are using Nessus to perform credentialed audits of UNIX or Windows systems, analyzing the results to determine if you had the correct passwords and SSH keys can be difficult. Nessus users can n...