Tenable Network Security Podcast Episode 198 - "PCI Discussion Featuring Jeffrey Man"
February 13, 2014<p></p>
The Big Red Button and the Kill Switch
April 25, 2013I have no idea if I had a role in the "Internet Kill Switch" debacle, but it's possible that I was one of the pushes that got that particularly horrible ball rolling. Back in 2002, when I was between ...
Recap: Geeking Out II with Marcus
April 15, 2013Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
Tenable Network Security Podcast Episode 163 - "Bind Vulnerability, Windows Hardening"
April 2, 2013Announcements We're hiring! - Visit the Tenable website for more information about open positions. Check out our video channel on YouTube which contains new Nessus and SecurityCenter tutorials. ...
Tenable Network Security Podcast Episode 145 - "Source Code Leaks, Problems with Computer Security"
November 8, 2012<h3>Announcements</h3> <ul> <li><a href="http://www.tenable.com/careers/">We're hiring</a>! - Visit the Tenable website for more information about open positions.</li> <li>Check out <a href="http://www.youtube.com/tenablesecurity">our video channel on YouTube</a> which contains new Nessus and SecurityCenter 4 tutorials.</li> <li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make product and company announcements, provide Nessus plugin statistics, and more!</li> <li>Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join <a href="https://discussions.nessus.org">Tenable's Discussion Forum</a> for custom scripts, announcements, and more!</li> <li>You can subscribe to the <a href="http://itunes.apple.com/us/podcast/tenable-network-security-podcast/id361250581">Tenable Network Security Podcast on iTunes</a>!</li></ul> <h3>New & Notable Plugins</h3> <h4>Nessus</h4> <ul> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62757">ZABBIX Web Interface popup_bitem.php itemid Parameter SQL Injection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62776">Temenos T24 Detection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62783">ManageEngine OpStor Default Administrator Credentials</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62784">ManageEngine OpStor availability730.do days Parameter XSS</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62785">ManageEngine SupportCenter Plus HomePage.do fromCustomer Parameter XSS</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62795">CoDeSys PLC Runtime Service Detection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62796">CoDeSys Authentication Bypass Directory Traversal</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62797">CoDeSys Unauthenticated Command-line Access</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62798">Oracle VM VirtualBox 3.x / 4.0.x < 4.0.10 Local Integer Overflows</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62800">Kaspersky Password Manager 5.x < 5.0.0.169 HTML Injection</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62801">Mac OS X : OS X Server < 2.1.1 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62802">Mac OS X : Safari < 6.0.2 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62803">Apple iOS < 6.0.1 Multiple Vulnerabilities</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62812">CA ARCserve Backup Multiple Vulnerabilities (CA20121018) (credentialed check)</a></li> <li><a href="http://www.tenable.com/plugins/index.php?view=single&id=62813">Symphony CMS Password Retrieval Script XSS</a></li> </ul>
Tenable Network Security Podcast Episode 119 - "Macs Don't Get Viruses, Detecting OS X Malware"
April 9, 2012<h3>Announcements</h3> <ul> <p><li><a href="http://www.nessus.org/news-events/press-releases/2012-tenable-network-security-certified-as-approved-scanning-vendor-asv-b">Tenable Network Security Certified as Approved Scanning Vendor (ASV) by PCI Security Standards Council</a>.</li></p> <p><li>Check out <a href="http://www.youtube.com/tenablesecurity">our video channel on YouTube</a> that contains the latest Nessus and SecurityCenter 4 tutorials. The <a href="http://www.youtube.com/playlist?list=PL339F3E44CA4D523D&feature=plcp">"Top Ten Things You Didn't Know About Nessus" videos</a> have been posted from #10 through #2, so check them out!</li></p> <p><li><a href="http://www.tenable.com/careers/">We're hiring</a>! - Visit the Tenable website for more information about open positions.</li></p> <p><li>You can subscribe to the <a href="http://itunes.apple.com/us/podcast/tenable-network-security-podcast/id361250581">Tenable Network Security Podcast on iTunes</a>!</li></p> <p><li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make product and company announcements, provide Nessus plugin statistics, and more!</li></p> <p><li>Want to ask questions about Nessus, SecurityCenter, LCE, and PVS and get answers from the experts at Tenable? Join <a href="https://discussions.nessus.org">Tenable's Discussion Forum</a> for custom scripts, announcements, and more!</li></p> <p><li><a href="http://blog.tenablesecurity.com/2012/03/nessus-5-on-demand-training-now-available.html">Nessus 5 OnDemand Training Now Available</a></li></p></ul> <h3>New & Notable Plugins</h3> <p><strong>Nessus:</strong></p> <ul><p><li><a href="http://www.nessus.org/plugins/index.php?view=single&id=58604">OS Identification : NativeLanManager</a> - </li></p> <p><li><a href="http://www.nessus.org/plugins/index.php?view=single&id=58603">at32 Reverse Proxy Admin Portal No Password</a> -</li></p> <p><li><a href="http://www.nessus.org/plugins/index.php?view=single&id=58601">Microsoft ASP.NET ValidateRequest Filters Bypass</a> - </li></p> <p><li><a href="http://www.nessus.org/plugins/index.php?view=single&id=58621">Cisco WebEx WRF Player Multiple Buffer Overflows (cisco-sa-20120404-webex)</a> - </li></p></ul> <p><br /> </p>
Tenable Network Security Podcast - Episode 64
January 5, 2011<p>Welcome to the Tenable Network Security Podcast - Episode 64</p> <p>Hosts: Paul Asadoorian, Product Evangelist, and Ron Gula, CEO/CTO</p> <h3>Announcements</h3> <ul> <li>Several new blog posts have been published this week, including: <ul><li><a href="http://blog.tenablesecurity.com/2011/01/log-correlation-engine-36-now-with-its-own-gui.html">Log Correlation Engine 3.6 – Now with its own GUI</a></li> <li><a href="http://blog.tenablesecurity.com/2010/12/ssl-certificate-authority-auditing-with-nessus.html">SSL Certificate Authority Auditing with Nessus</a></li> <li><a href="http://blog.tenablesecurity.com/2010/12/securitycenter-4-receives-fdcc-and-scap-validated-tool-certification.html">SecurityCenter 4 Receives FDCC and SCAP Validated Tool Certification</a></li> <li><a href="http://blog.tenablesecurity.com/2010/12/3d-tool-beta-video.html">3D Tool beta Video</a></li></ul> </li> <p><li>Check out <a href="http://www.youtube.com/tenablesecurity">our video channel on YouTube</a> that contains the latest Nessus <strong>and SecurityCenter 4</strong> tutorials, including the new <a href="http://www.youtube.com/watch?v=8rFVEijp2Gs">3D Tool Beta</a>.</li><br /> <li><a href="http://www.nessus.org/about/index.php?view=careers">We're hiring</a>! - Visit the Tenable web site for more information about open positions. </li><br /> <li>You can subscribe to the <a href="http://itunes.apple.com/us/podcast/tenable-network-security-podcast/id361250581">Tenable Network Security Podcast on iTunes!</a></li><br /> <li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make various announcements, provide Nessus plugin statistics and more!</li></ul><br /> </p>
Log Correlation Engine 3.6 – Now with its own GUI
January 5, 2011<p>Tenable Network Security has released version 3.6 of the <a href="http://www.nessus.org/products/lce/" target="_self">Log Correlation Engine</a>. This new version includes many performance enhancements as well as its own web-based user interface. This blog entry describes the new user interface, the increased performance and the new features of LCE 3.6.</p>
Tenable at Black Hat USA 2010!
July 12, 2010<p>July hasn’t been hot enough for me and some of the other Tenable staffers, so we will be heading to the desert of Las Vegas in a few weeks to attend <a href="https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html" target="_blank">Black Hat USA 2010</a>! Since 1997, the Black Hat conference has provided a neutral ground for security researchers, government agencies and information security professionals to integrate their varied perspectives. This will be my ninth year at Black Hat and I’ve always found it to be an intense couple of days meeting up with almost everyone I know in the Infosec field. I’m delighted that Tenable will be represented in the Black Hat Trainings, Black Hat Briefings, Black Hat vendor area and <a href="http://www.defcon.org/html/defcon-18/dc-18-index.html" target="_blank">DEF CON</a> this year.</p><p></p> <p>Tenable’s Product Evangelist, Paul Asadoorian, will be teaching two sessions of a brand-new (seriously – we’re still editing it) <a href="http://blackhat.com/html/bh-us-10/training/bh-us-10-training_TEN-AdvNessus.html" target="_blank">Advanced Nessus Training Class</a>.</p> <p>This class is intended for those who are already familiar with Nessus and will cover special techniques and testing situations that you may not be familiar with. There will be a lot of hands-on lab work, assisted by Tenable’s lead Trainer, David Poynter (so that Paul can keep talking, one of his favorite activities). The first session will be held on Saturday and Sunday (July 24 & 25) and the second session on Monday and Tuesday (July 26 & 27). There are still a few seats open in both sessions, but they are filling up fast!</p>
Tenable Network Security Podcast - Episode 41
July 6, 2010<p>Welcome to the Tenable Network Security Podcast - Episode 41</p> <p>Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst</p> <h3>Announcements</h3> <ul> <li>Several new blog posts have been published this week, including: <ul> <li><a href="http://blog.tenablesecurity.com/2010/07/research-spotlight-the-evil-that-bots-do.html">Research Spotlight: The Evil That Bots Do</a></li> <li><a href="http://blog.tenablesecurity.com/2010/06/event-analysis-training---analyzing-outbound-sql-queries.html">Event Analysis Training - Analyzing Outbound SQL Queries</a></li> </ul> </li> <p><li>New Nessus training is now being offered at conferences! - The new course titled "Advanced Vulnerability Scanning Techniques Using Nessus" is now being offered at both <a href="http://www.blackhat.com/html/bh-us-10/training/bh-us-10-training_TEN-AdvNessus.html">Black Hat Las Vegas 2010</a> and <a href="http://2010.brucon.org/index.php/Training#Training_.235:_Advanced_Vulnerability_Scanning_Techniques_Using_Nessus">BruCon 2010</a>. It's a two-day course that will put students into a real-world environment where they will have to solve problems and identify vulnerabilities using the advanced features of the Nessus vulnerability scanner. <br /> <li>Be certain to check out <a href="http://www.youtube.com/tenablesecurity">our video channel on YouTube</a> that contains the latest Nessus tutorials.</li><br /> <li><a href="http://www.nessus.org/about/index.php?view=careers">We're hiring</a>! - Visit the web site for more information about open positions. There are currently 10 open positions listed, including a <a href="http://www.nessus.org/about/index.php?view=jobs_web_coordinator">Digital/Web Strategy Coordinator.</a></li><br /> <li>You can subscribe to the <a href="http://itunes.apple.com/us/podcast/tenable-network-security-podcast/id361250581">Tenable Network Security Podcast on iTunes!</a></li><br /> <li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make various announcements, provide Nessus plugin statistics and more!</li><br /> </ul></p>
Tenable Network Security Podcast - Episode 26
March 17, 2010<p>Welcome to the Tenable Network Security Podcast - Episode 26</p> <h3>Announcements</h3> <ul> <li>Two new blog posts have been released titled "<a href="http://blog.tenablesecurity.com/2010/03/value-of-credentialed-scanning.html">The Value Of Credentialed Vulnerability Scanning</a> and <a href="http://blog.tenablesecurity.com/2010/03/microsoft-patch-tuesday---march-2010---it-wont-happen-to-me-edition.html">Microsoft Patch Tuesday - March 2010 - "It Won't Happen To Me" Edition</a>. </li> <li>You can provide feedback to this podcast and all of our social media outlets by visiting our discussions forum and adding messages to the "<a href="https://discussions.nessus.org/community/social">Tenable Social Media</a>" thread. I would love to hear your feedback, questions, comments and suggestions! <a href="https://discussions.nessus.org/thread/2018">I put up a call for ideas on new Nessus videos</a>, so please give us your feedback!</li> <li><a href="http://www.nessus.org/about/index.php?view=careers">We're hiring</a>! - Visit the web site for more information about open positions, there are currently 7 open positions listed! </li> <li>You can subscribe to the <a href="http://itunes.apple.com/WebObjects/MZStore.woa/wa/viewPodcast?id=329735657">Tenable Network Security Podcast on iTunes!</a></li> <li>Tenable Tweets - You can find us on Twitter at <a href="http://twitter.com/tenablesecurity">http://twitter.com/tenablesecurity</a> where we make various announcements, Nessus plugin statistics and more!</li> </ul> <p>Interview - Ron Gula - CCDC Recap</p> <div style="text-align:center;"><img src="http://tenable.typepad.com/.a/6a00d8345495f669e20120a9427862970b-pi" alt="2010_CCDC.png" border="0" width="260" height="86" /></div> <p>Ron Gula and I discuss our experiences at the 2010 Collegiate Cyber Defense Exercise held this past weekend in Columbia, MD.<br /> </p>