Tenable Receives Passive Network Monitoring Patent
Tenable Network Security recently received a patent for monitoring network traffic and analyzing it to perform discovery of systems, applications and vulnerabilities. This is the core function of Tenable's Passive Vulnerability Scanner and also a core component of our Unified Security Monitoring strategy.
Passive network monitoring compliments network scans and credentialed system audits. It provides continuous discovery in real time. 24x7 monitoring is also a deterrent against unauthorized change. Client-side vulnerabilities can be found without the need for agents or credentialed scans, and in some cases such as enumerating multiple web sites hosted on a web server, passive monitoring does things that active scanning can't do.
Passive network monitoring also compliments any SIEM deployment, including Tenable's SecurityCenter and Log Correlation Engine. Real-time logs from the PVS that record all SQL, SMB, HTTP, DNS and other protocols are an excellent log source for alerting and forensics analysis. Real-time vulnerability data passively obtained can ensure your SIEM has the latest asset inventory and risk metrics for correlation.
Tenable has many plans in store for the Passive Vulnerability Scanner and we continuously add new detection rules to it. For example, we added rules this past month that passively identify SSL certificates that are expired. If you are interested in learning more about what passive network monitoring can do for your logging or vulnerability management program, please feel free to watch these demo videos, or contact our sales team.
Related Articles
Four Questions to Minimize the Cyber Risk of Your Public-facing Assets and Web Apps
November 17, 2021Ask the following four questions to help reduce cyber risk in your public-facing assets and web apps.
Cybersecurity Pros Face Significant Challenges with OT Security: Ponemon Report
April 5, 201962% of organizations in industries relying on operational technology experienced two or more business-impacting cyberattacks in the past 24 months, according to a report from Ponemon Institute an...
Recap: Geeking Out II with Marcus
April 15, 2013Ron and I spent most of the webcast rotating around the theme of detection algorithms: how do you determine what is normal and what is not? We started off with one of my favorite questions, "Are there...
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Passive Network Monitoring