Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Research
Podcast

Research Podcast
Sept 8 · 19 minutes
Hold the Door - VPN Vulnerabilities Unlock Entry to Your Network

On this edition of the Research podcast, we talk to Satnam Narang and Claire Tills about the Security Response Team’s recent research blog around SSL VPN vulnerabilities. That blog looked back at how three particular flaws in major VPNs are frequently exploited, so we look at when these vulnerabilities were disclosed, what the impact of them are, who has been attempting to exploit them and who the targets have been.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Follow along for more from Tenable Research:

Research Podcast
Aug 24 · 46 minutes
Light Patches, Router Issues and a Year of Zerologon

This month we look at new blogs from Tenable’s security response team, including on a year of Zerologon, vulnerabilities in Microsoft Exchange Servers and Pulse Secure, and a widely spread flaw in wifi routers which could affect thousands of users globally.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Follow along for more from Tenable Research:

Research Podcast
Aug 2 · 21 minutes
Black Hat 2021 and the Return to Conferences

As the first major security conference prepares to take place, Tenable's chief security strategist Nathan Wenzler talks to Dan Raywood about what the conference scene could look like going forward, what people can expect from the experience and what virtual and in person delegates will be looking to gain from attending.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes
Research Podcast
July 21 · 44 minutes
Nightmare, Ransomware, Patches Everywhere

In this episode we talk to security researchers Claire Tills and Satnam Narang on a busy month in cybersecurity headlines, from an MSP facing a major ransomware situation, to Microsoft’s attempts to keep up with the PrintNightmare issue, and evaluating July’s bumper Patch Tuesday offering.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes
  • Amazon Music

Show References

Follow along for more from Tenable Research:

Research Podcast
June 28 · 45 minutes
Back to Reality, Ransomware and Patch Tuesday

Welcome back to the Tenable Research Podcast. In this new episode we look back at June’s Microsoft patches, and ask Tenable senior research engineer Satnam Narang what he feels the reasons are for the number of patches generally decreasing both monthly and annually.

We are also joined by director of product management Ray Carney, as we look into the increase of ransomware in 2021, what have been the causes of this increase, and what the threat landscape looks like currently.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes
  • Amazon Music

Show References

Follow along for more from Tenable Research:

Research Podcast
January 14 · 61 minutes
Learning from a No Good, Very Bad Year

As always, we discuss the latest vulnerability news and the first Patch Tuesday of the year. Then, the Security Response Team walks us through their 2020 Threat Landscape Retrospective report. The team did the tough work of looking back at everything that happened in 2020 and deriving some key lessons we can all take into 2021. Read the full report

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Follow along for more from Tenable Research:

Research Podcast
December 10 · 52 minutes
Security Research in 2020

We’re joined by four members of the Zero Day Research team - Nick Miles, Jimi Sebree, Chris Lyne, and Evan Grant - to talk about what it’s like being a security researcher in 2020. Conferences mostly cancelled, vendor responses fluctuating, concerns about selecting targets and promoting work - it’s complicated out there for researchers. As always, Satnam breaks down the latest vulnerability news for us.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Follow along for more from Tenable Research:

Research Podcast
Nov 13 · 50 minutes
Benchmarks and You: Making the Right Match

On this episode, we talk about November Patch Tuesday - Satnam highlights some of the vulnerabilities and we discuss the new, limited format for the advisories from Microsoft. Our guest this month is Grant Dobbe who gives us a crash course on compliance benchmarks and how to pick the right one for you. The key lesson: don’t try to put a jet engine on a Cessna.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Tenable Research Podcast Musical References

Research Podcast
Sep 10 · 58 minutes
The Joys of Compliance (No Kidding)

We kick things off with this month’s vulnerability news as well as some primary research Satnam has done into questionable advertisements on TikTok. Then, we speak with Justin Brown about the joys of audit and compliance. Specifically, he talks about how his team works to develop and improve over 100,000 configuration checks.

  • Listen:
  • Google Podcasts
  • Spotify
  • Stitcher
  • iTunes

Show References

Research Podcast
August 13 · 27 minutes
Automate all the things

Our guest this month is Luke Tamagna-Darr and he tells us about some of the automation projects his team is working on, including predicting CVSS vectors when they are missing from vulnerability descriptions. As always, Satnam walks us through the latest vulnerability news as well as the work Tenable Research has done to identify devices impacted by Ripple20.

  • Listen:
  • Google Podcasts
  • Stitcher
  • Spotify

Show References

Research Podcast
May 14 · 38 minutes
What's the deal with Web App Scanning?

Satnam walks us through May’s Patch Tuesday which, even at 111 vulnerabilities, was a bit calmer than prior months’ releases. We also talk about vulnerabilities in vBulletin, Cisco, Salt Framework and Sophos XG Firewall - and more. Satnam highlights primary research including flaws Tenable Research found in Instacart’s website and social media scams. To round it out, Eric Detoisien, Director of Research for WAS Content, joins us to talk about web application scanning and how his small-but-brilliant team develops WAS plugins.

  • Listen:
  • iTunes
  • Stitcher
  • Spotify

Show Notes

Recently from Research:

Follow the Security Response Team on the Tenable Community.

Research Podcast
April 16 · 27 minutes
Analyzing Digital Loops and Whorls: OS Fingerprinting

As per usual, we’re talking about Microsoft Patch Tuesday with the added bonus of a record-breaking Oracle Critical Patch Update. All told, the releases covered 563 CVEs! Satnam discusses vulnerabilities in VMware vCenter and Zoom, as well as some primary research the SRT has done about protecting the remote workforce. Our guests this episode are Jesus Galan, Research Manager of Vulnerability Detection and Greg Betz, Research Manager for Asset Competitiveness. They joined us to talk about OS fingerprinting.

  • Listen:
  • iTunes
  • Stitcher
  • Spotify

Show Notes

Recent SRT Blogs

Tenable Research Blogs

Follow the Security Response Team on the Tenable Community.

Research Podcast
March 11 · 27 minutes
Hello EternalDarkness, My New Friend

On this episode, we talk about Microsoft’s Patch Tuesday for March which covered a whopping 115 vulnerabilities! However, CVE-2020-0796 stole the show. Satnam walks us through the vulnerability, how it compares to EternalBlue and what practitioners need to know. Giuliana Carullo from the Tenable Vulnerability Database team also joined us to continue the conversation about automation and how her team models the vulnerability landscape.

  • Listen:
  • iTunes
  • Stitcher
  • Spotify

Show Notes

Recent SRT Blogs

Apply to work on the Tenable Vulnerability Database team.

Follow the Security Response Team on the Tenable Community.

Research Podcast
February 26 · 18 minutes
Automating Vulnerability Intelligence Feeds the Right Way

On this episode, we talk about February’s Patch Tuesday, the release of a PoC for CVE-2020-0618, and exploitation of a vulnerability in the ThemeGrill Demo Importer plugin for WordPress. We also speak with Ryan Hoy about the Vulnerability Intelligence Feeds and the work his team does developing and improved the plugin automation framework.

Catch Tenable Researchers presenting at BSides Tampa on February 29.

  • Listen:
  • iTunes
  • Stitcher
  • Spotify

Show Notes

Recent SRT Blogs:

Primary Research

The Tenable Tech Blog on Medium

Follow the Security Response Team on the Tenable Community.

About the
Tenable Research Podcast

Join members of Tenable Research for a discussion about the latest vulnerabilities, exploits and cyber threats. Analysis, insights and guidance for information security and IT professionals who want to stay in the know.

About
Your Hosts

Dan Raywood is a product marketing manager for Tenable’s security research team, and has spent more than ten years working in the cybersecurity industry as a journalist, analyst, speaker and researcher.

Claire Tills is a product marketing manager for Nessus and Tenable Research. She is responsible for translating the work of the Tenable Research teams and Nessus product into insight and guidance for the information security community. Before joining Tenable, Claire worked for the FS-ISAC upon receiving a Master’s degree in communication, with a focus on information security.

Satnam Narang joined Tenable in 2018 as a Senior Security Response Manager. He has over 14 years experience in the industry (M86 Security and Symantec). He contributed to the Anti-Phishing Working Group, helped develop a Social Networking Guide for the National Cyber Security Alliance, uncovered a huge spam botnet on Twitter and was the first to report on spam bots on Tinder. He's appeared on NBC Nightly News, Entertainment Tonight, Bloomberg West, and the Why Oh Why podcast.

Try for Free Buy Now
Tenable.io FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.