Ron Gula

The data from Nessus malicious process checks can be immediately leveraged by SIEM and log search tools. In this blog post we will consider a very basic example of how a computer infected with the GameVance adware can be analyzed with the Log Correlation Engine (LCE).

I am extremely pleased to announce that Tenable has received its first institutional round of funding: a $50 million investment from Accel Partners. The investment will help us continue to develop and improve our solutions and improve our customers’s experience. Tenable celebrates its 10th anniversary this month. During that time, we’ve made Nessus the number one trusted vulnerability scanner in the world with more than 1 million users across 150 countries. We did this though a combination working closely with our community and continually adding improvements to make our users’s lives easier and through our own innovation to push Nessus to do even more than vulnerability assessments. Today, Nessus not only detects vulnerabilities, it finds malware, botnets, credit cards, configurations that will get you hacked or fined and most recently, issues with your iPhone and Android devices. Tenable’s SecurityCenter, our enterprise platform for Nessus, has also become the preferred enterprise security solution for nearly 1,000 enterprise customers including the entire U.S. Department of Defense. We have changed the vulnerability management paradigm through our unique combination of scalable network vulnerability monitoring, vulnerability scanning and log management. It has helped our customers break down traditional security silos, have a unified view of their security posture and respond quicker to incidents and audits than was previously thought possible. 

Tenable’s Research team recently added the ability for Nessus to evaluate audited hosts to see if they are connected to or configured with a known botnet IP address. In this blog entry, we will review all of the features available within Nessus for botnet and malware detection, as well as the types of features that are available in other Tenable products.

IPv6. It’s big, unavoidable, exciting, and concerning…  The Internet protocol that we’ve come to know and love (IPv4) is about to get a facelift (or, at least a serious shot of HGH). The tech community is bracing for a wild ride ahead -- guaranteed to be riddled with successes, failures, and security snafus as IPv6 is rolled out. In fact, we just saw the first DDoS attack targeting IPv6 networks earlier this month -- making this a very timely topic.

Cross referencing the results of your vulnerability scans with the list of public exploits helps identify likely targets for authorized penetration testing teams. Removing these vulnerabilities significantly raises the value of a penetration test since the team will have to work much harder to find issues that aren’t found through automation. There are many subtle issues to consider when correlating available exploits with vulnerabilities. In this blog entry, we’ll highlight these issues by considering exploit correlation with attacks available from the Metasploit project, Core, and Immunity with the results of a very large Nessus scan of several thousand web servers.