Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Paul Asadoorian

Profile picture for user Paul Asadoorian
As founder and CEO of Security Weekly, Paul remains one of the world’s foremost experts on all things cybersecurity. Security Weekly is a one-stop resource for podcasts, webcasts and other content, informing community members about penetration testing, vulnerability analysis, ethical hacking and embedded device testing. Previously, Paul served as a lead IT security specialist for Brown University, and as an instructor with The SANS Institute.
Blog Post

Microsoft Patch Tuesday Roundup - September 2010 - "Silent but deadly" Edition

"Silent" Worms: Stuxnet The vulnerability patched with MS10-061 is perhaps one of the most interesting we've covered in a "Patch Tuesday" post this year. The vulnerability was discovered when antivirus researchers at Kaspersky Lab analyzed malware called "Stuxnet". The malware was one of the first worms to use the LNK vulnerability, and contained code to exploit three other vulnerabilities, the print spooler vulnerability patched by MS10-061 and two other unnamed privilege escalation vulnerabilities that have yet to be patched. Its not everyday that we hear of malware in the wild exploiting 4 0-day vulnerabilities. I am not easily impressed (in fact, I am even less than impressed) with the capabilities of most malware in the wild. However, there are some facts about the "Stuxnet" malware that do impress me: Stuxnet also contains an exploit for a vulnerability from 2008. It will only execute this exploit if it determines it is inside an organization using SCADA systems and not a typical corporation. Stuxnet was written specifically to attack control systems, and is the first publicly known malware to contain a rootkit for PLCs, devices that control SCADA systems. The rootkit silently waits for commands. Stuxnet gains access to control systems using default passwords and is rumored to have compromised 14 different control systems-based organizations. Stuxnet was first thought to primarily use USB devices to propagate (likely to get around "air gapped" security measures) There was an interesting quote from Symantec that stated, "Symantec gained control of the domain used to send commands to infected machines shortly after Stuxnet was discovered". Apparently, this turned over control of Stuxnet-infected systems to Symantec. I just don't understand the logic behind the malware authors; if they had used fast flux, they may still have control over the botnet they seemed to have worked so hard to implement. There are actually 6 ninjas in the above picture… can you spot them all?

Blog Post

Tenable Network Security Podcast - Episode 50

Welcome to the Tenable Network Security Podcast - Episode 50 Announcements Several new blog posts have been published this past week, including: Making Penetration Testers Lives Awful Tenable Network Security Podcast - Episode 49 - Interview with Dennis Brown Passive Vulnerability Scanner Network Licensing Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as a Nessus overview and future plans, the advantages of pairing active and passive scanning, an overview and discussion of current security strategies and new industry trends, the past, present and future of regulatory compliance, and a Tenable Network Security product/solutions overview. Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials. We're hiring! - Visit the web site for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Blog Post

Making Penetration Testers Lives Awful

Awful, awful, awful.....Magic! It was my wife’s turn to choose a movie the other night, which means there were no kung fu fight scenes, sword fights or car chases. Instead, there was a scene that depicted a father-to-be talking to a father of three children. The father with three children was explaining to the father-to-be what parenthood was really like and stated: "Parenthood is awful... awful… awful... but then there is this magical moment that makes it all worth it… then awful... awful... awful and repeat". Parents reading this, especially ones with small children, are probably laughing. However, I thought that the "awful, awful, awful, magic!" analogy also very accurately described penetration testing. I have a similar reaction both on Christmas morning and when I successfully compromise a system on a penetration test.

Blog Post

Tenable Network Security Podcast - Episode 49

Welcome to the Tenable Network Security Podcast - Episode 49

Blog Post

Tenable Security Showcase - New York City

Please join Tenable's own Ron Gula, Renaud Deraison, Marcus Ranum and Paul Asadoorian for a Security Showcase on October 6, from 8:30am to 2:00pm at the New York Marriott East Side, 525 Lexington Ave. at 49th Street in New York City. Breakfast and lunch will be provided during this half-day FREE event.

Blog Post

Tenable Network Security Podcast - Episode 48

Welcome to the Tenable Network Security Podcast - Episode 48 Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst Announcements Several new blog posts have been published this week, including: Tenable Network Security on the Inc 5000 List The Three Legged Stool Of Vulnerability Management New Nessus training is now being offered at BruCon 2010. It's a two-day course that will put students into a real-world environment where they will have to solve problems and identify vulnerabilities using the advanced features of the Nessus vulnerability scanner. Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as a Nessus overview and future plans, the advantages of pairing active and passive scanning, an overview and discussion of current security strategies and new industry trends, the past, present and future of regulatory compliance, and a Tenable Network Security product/solutions overview. Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials. We're hiring! - Visit the web site for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more! Ron Gula Ron and Paul discuss web application testing using Nessus!

Blog Post

The Three Legged Stool Of Vulnerability Management

Don't Fall Off The Stool When I developed the course "Advanced Vulnerability Scanning Techniques Using Nessus", I wanted to mention some of the trade-offs we make when we perform vulnerability scans using different configurations. Nessus creator Renaud Deraison helped point out that it seems to come down to three factors: speed, intrusiveness and comprehensiveness. What I found was that these three factors were extremely important throughout the duration of the class, and I realize that for vulnerability scanning and vulnerability management, these factors must be taken into consideration. "Vulnerability scanning is a balance between speed, intrusiveness and comprehensiveness."

Blog Post

Tenable Network Security Podcast - Episode 47

Welcome to the Tenable Network Security Podcast - Episode 47 Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst Announcements A new blog post was published this week: Nessus Web Application Scanning - New plugins & Configuration New Nessus training is now being offered at BruCon 2010. It's a two-day course that will put students into a real-world environment where they will have to solve problems and identify vulnerabilities using the advanced features of the Nessus vulnerability scanner. Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as a Nessus overview and future plans, the advantages of pairing active and passive scanning, an overview and discussion of current security strategies and new industry trends, the past, present and future of regulatory compliance, and a Tenable Network Security product/solutions overview. Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials. We're hiring! - Visit the web site for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more! Passive Vulnerability Scanning Segment with Ron Gula Ron joins us to discuss some new features added to the Passive Vulnerability Scanner, including: VxWorks and QNX passive vulnerability detection New passive patent New PVS licensing options for network address spaces

Blog Post

Nessus Web Application Scanning - New plugins & Configuration

Zen and the Art of Nessus Web Application Scanning Tenable’s research and development teams have been steadily adding new features and plugins to the web application scanning functionality in Nessus to detect web application vulnerabilities. These can be grouped into two categories: Known Web Application Vulnerabilities - Nessus contains over 1,700 plugins that can fingerprint and detect known vulnerabilities in web applications. Any plugin listed in the "CGI Abuses" or "CGI Abuses : XSS" plugin families is written to enumerate vulnerabilities that have been previously reported in a web application product (open-source or commercial). To enable these plugins you MUST enable CGI scanning in a Nessus policy's "Preferences" section. Even if you enable the plugin families they will not execute if CGI scanning is not enabled. Previously Unknown Web Application Vulnerabilities - This level of scanning uses various fuzzing and other enumeration techniques to detect vulnerabilities that may not yet have been discovered. Each parameter of the web application is tested for SQL injection, cross-site scripting and a large number of other common web application attacks. Nessus has a comprehensive list of different attack strings and methods to find vulnerabilities in web applications. More information about these can be found in the Nessus User Guide. The following sections provide more detailed information on how to enable features within Nessus to perform more exhaustive web application scans. Please note that use of these features will cause your scans to run longer! Web Application Test Settings Highlighted in red are two options that direct Nessus to be more comprehensive: Click the image above for a larger version

Blog Post

Tenable Network Security Podcast - Episode 46

Welcome to the Tenable Network Security Podcast - Episode 56 Hosts: Paul Asadoorian, Product Evangelist & Kelly Todd, Compliance Analyst Announcements Two new blog posts have been published this week, including: Microsoft Patch Tuesday Roundup - August 2010 - "Geronimo!" Edition San Francisco Security Showcase - Sept 15, 2010 New Nessus training is now being offered at BruCon 2010. It's a two-day course that will put students into a real-world environment where they will have to solve problems and identify vulnerabilities using the advanced features of the Nessus vulnerability scanner. Ron, Marcus, and Renaud present the San Francisco Security Showcase on September 15, 2010! This is a free event that will feature topics such as Nessus overview and future plans, The advantages of pairing active and passive scanning, An overview and discussion of current security strategies and new industry trends, The past, present and future of regulatory compliance, and Tenable Network Security product/solutions overview. Be certain to check out our video channel on YouTube that contains the latest Nessus tutorials. We're hiring! - Visit the web site for more information about open positions. You can subscribe to the Tenable Network Security Podcast on iTunes! Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose your subscription option:

Buy Now
Try for free Buy now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for free Contact sales

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable Security Center

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

* Field is required

Request a demo of Tenable OT Security

Get the Operational Technology security you need.

Reduce the risk you don’t.

Request a demo of Tenable Identity Exposure

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

Request a demo of Tenable Cloud Security

Exceptional unified cloud security awaits you!

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

See
Tenable One
in action

Exposure management for the modern attack surface.

See Tenable Attack Surface Management in action

Know the exposure of every asset on any platform.

Get a demo of Tenable Enclave Security

Please fill out the form with your contact information and a sales representative will contact you shortly to schedule a demo.

Try for free Buy now

Try Tenable Nessus Professional free

Free for 7 days

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
now available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select your license

Buy a multi-year license and save.

Add support and training
Buy Now
Renew an existing license Find a reseller
Try for free Buy now

Try Tenable Nessus Expert free

Free for 7 days.

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select your license

Buy a multi-year license and save more.

Add support and training
Buy Now
Renew an existing license Find a reseller