Updated Windows Compliance Auditing
January 16, 2008Previously we've blogged about upcoming changes to how Nessus Direct Feed and Security Center users perform configuration audits of Windows servers and desktops. Version 2 of the Windows Compliance co...
Enhanced AIX and SuSE Auditing
January 14, 2008Tenable Network Security's research group recently introduced support for credentialed patch auditing of SuSE Enterprise 9 and 10 for both the Server and Desktop editions. Plugins which support patch ...
Detecting Web Servers with Malicious Javascript
January 9, 2008Recently, Tenable Network Security introduced Nessus plugin #29871 which looks at the content of a web site to see if it is hosting potential hostile javascript code. There have been several recent ma...
Introduction to the .nessus Scan, Policy and Report Format
January 7, 2008The Nessus Client 3.0 introduced a new format for Nessus scan policies, targets and results. This is known as the ".nessus" format. This blog entry discusses the advantages of this new file ...
Version 2 of Windows Compliance Checks Available for Testing
December 19, 2007Direct Feed and Security Center customers who use Nessus to perform configuration audits of their Windows computers can now beta test an upgrade of this technology. The upgrade provides enhanced audit...
Order from Chaos on Large Enterprise Networks
December 14, 2007I often get the chance to speak with our Security Center customers who perform active Nessus scans or monitor networks in realtime with the Passive Vulnerabiltiy Scanner (PVS). These customers general...
SANS 2007 Top 20 Scanning and Report Policies
December 7, 2007Tenable has produced a variety of report templates and scanning polices for both the NessusClient 3.0 and the Security Center. This blog entry discusses coverage of the SANS Top 20 2007 Annual Update ...
Solaris Software Enumeration with Nessus
December 5, 2007Tenable's research group has released several hundred new plugins for Nessus in the last few days. One of them in particular is very useful for Solaris environments. Plugin #29217 enumerates all inst...
Exceeding CIS and NIST Benchmarks - Third Party Patch Auditing
November 26, 2007For organizations that actively keep track of and manage their base operating system patches and configurations, a somewhat lofty goal is to try and tighten down third party patches. Organizations can...
Windows XP Professional CIS Certified Configuration Audits
November 19, 2007Tenable Network Security has received certification for the Nessus vulnerability scanner and Security Center to perform Center for Internet Security configuration audits of the Windows XP operating sy...
A big red 'X'
November 13, 2007I was recently forwarded a link to a BBC video which demonstrates how a user on a wireless network can attack another user and break into their system. In the video, the attacker uses Nessus and Meta...
UNIX Patch Auditing Over Telnet
November 8, 2007One of the powerful features of Nessus is its ability to perform patch auditing for many different operating systems over many different protocols. Most Nessus users understand that Nessus supports UN...