Videos uploaded by user “Tenable”
How Do You Pronounce Kubernetes? And What Is It?
Kubernetes is one of the hottest new topics in today's industry, and Tenable's VP of Cloud Engineering, Christos Kalantzis, is here to give you the breakdown - and how to pronounce it! We have global openings if you want to learn it: https://careers.tenable.com/kubernetes
Views: 49291 Tenable
Introduction to Nessus Version 6
This video provides an introduction to Nessus version 6, include new functionality for compliance and system hardening, automatic updates, a RESTful API, and much more! Visit http://www.tenable.com/new-in-nessus for more information.
Views: 48620 Tenable
Why Tenable.io with Dave Cole
Views: 6010 Tenable
Creating Compliance & System Hardening Policies in Nessus v6
Learn how to easily create compliance and system hardening policies in Nessus v6!
Views: 17394 Tenable
Saurik’s Magical World of Vulnerabilities
Jay “Saurik” Freeman (@saurik), developer of Cydia, the alternative to the App Store for jailbroken iPhones, is passionate about vulnerabilities. At the 2015 Black Hat Conference in Las Vegas, we spoke to Saurik about how his passion for vulnerabilities generates the same sense of wonderment as watching a magician. When a magician does a trick, he makes you believe he’s doing one thing, but he ends up doing something else. Security researchers are doing similar magician-like behavior when they’re exploiting vulnerabilities. In a show of bravado, they’ll create a sequence of events that you thought were impossible. I asked Saurik if he knew why so many companies who are aware of vulnerabilities take months to fix the bugs. One problem, is that they’re not set up to differentiate between important and unimportant bugs. Because they can’t make a decision internally, bug fixes end up languishing. Then there are some companies that do know about bugs and they fix them quickly, such as Google, said Saurik, but they rely on third parties to get that bug distributed. Google’s failure to distribute the bug fixes to the panoply of Android devices compounds a simple problem into an ever growing problem. The known bug has a second life as it gets installed on new Android devices months, if not a year, after the vulnerability was originally exposed. These zero day vulnerabilities end up living on as “forever day” vulnerabilities.
Views: 4764 Tenable
Deploying Nessus Cloud
Outlines deployment strategies for the Nessus Cloud, Tenable's cloud-hosted vulnerability management solution.
Views: 5993 Tenable
Detecting Known Malware Processes Using Nessus
How to enable and use the Nesus plugin which detects malicious process that are identified as malware.
Views: 13717 Tenable
Nessus Policy Creation Wizards
This video provides a brief introduction to the Nessus policy creation wizards and demonstrates how to create and run a basic network scan.
Views: 14684 Tenable
Nessus Configuration & Compliance Auditing
This video provides a brief overview of how Nessus performs configuration and compliance auditing.
Views: 19894 Tenable
Introduction to the Nessus Vulnerability Scanner
This video provides a brief introduction and demonstration of the Tenable Nessus vulnerability scanner.
Views: 58081 Tenable
Introduction To Using The Nessus Vulnerability Scanner
This video shows you how-to get started using the Nessus vulnerability scanner, including: Where to download Nessus Introduction to policies, scans, and reports Performing an asset discovery scan Running a network-based vulnerability scan Configuring a patch uditing scan Performing a configuration audit Detecting sensitive data (SSN & credit cards) Running web application tests Reporting & filtering Risk analysis and compliance (PCI DSS)
Views: 221140 Tenable
Analyzing Nessus Virus Detections with the Log Correlation Engine
When the Nessus vulnerability scanner identifies a virus, the logs and network activity associated with the infection can be analyzed by Tenable's Log Correlation Engine. In this example, a target system is infected with GameVance adware and logs from the Windows system as well as network traffic are analyzed with the Log Correlation Engine.
Views: 4371 Tenable
Nessus Patch Management Integration
This video provides a brief introduction to Nessus patch management integration, including a demonstration of detecting Windows patching conflicts.
Views: 9882 Tenable
Installing PVS, the Passive Vulnerability Scanner
A guide to basic installation and configuration of Tenable Network Security's PVS, the Passive Vulnerability Scanner.
Views: 6180 Tenable
Creating New Scan Policies in Nessus v6
Colin West demonstrates the new policy creation features of Nessus v6
Views: 26904 Tenable
Grace Hopper Conference 2018: Tips and Tricks!
Whether it's your first year attending or you're a seasoned conference-goer, we wanted to share some tips that we learned along the way. If you're interested in working in Cyber Exposure, get ahead of the crowd and check out our open jobs here: https://careers.tenable.com/grace-hopper-celebration-2018
Views: 1905 Tenable
High Speed Log Search with Tenable's Log Correlation Engine
Demonstration video of Tenable's Log Correlation Engine for log search of normalized and un-normalized logs. Video shows search of Windows event logs, SSH authentication, router and network traffic.
Views: 5453 Tenable
Nessus Agent Scan Operations
Describes launching a scan against a Nessus Agent group.
Views: 3020 Tenable
Introduction to PVS 4.0
An introductions to the features and enhancements in Tenable Network Security's PVS, the Passive Vulnerability Scanner, version 4.0
Views: 5756 Tenable
Nessus Agents Introduction: Nessus 6.4
This video provides an introduction to Nessus Agents, now updated for Nessus 6.4. For more information, see here: http://www.tenable.com/products/nessus/nessus-agents
Views: 6318 Tenable
Tour of the Network Operations Center at the 2015 Black Hat Conference
“It’s the best thing in the world. It’s like having the shiniest toy on Christmas,” said Neil “Grifter” Wyler (@Grifter801), of what it’s like to set up, run, and thwart off hackers from penetrating the NOC (network operations center) at the 2015 Black Hat Conference. The NOC at Black Hat is responsible for all network operations at the conference. This includes the training, briefings, and conference wi-fi. Wyler is one of the leads in charge of setting up the NOC. This year is the first year they’ve opened the doors of the NOC to the public, so anyone can see what they’re doing. They’re literally in a glass cage and onlookers can come by and gawk. Not everything is necessarily appropriate for the public such as IP addresses (which had to be hidden before I began filming), silly behavior, and sleeping on the floor. Luckily, this year there was a significant upgrade and Wyler and his staff will be sleeping on couches.
Views: 4392 Tenable
Bruce Schneier on Security Metrics that Matter
“I like to measure the performance of the team,” said Bruce Schneier (@schneierblog), CTO of Resilient Systems, Inc., in our conversation at the 2015 Black Hat Conference in Las Vegas. “I like to see metrics about people, about process, about technology. There isn’t one metric that works since it’s such a complicated and moving target… right now companies have to use the data that they have to figure out if their teams are effective.” Schneier feels that certain metrics, such as blocked attacks, don’t really provide a gauge of how secure you are. “Metrics can tell any story. Question is what story do you pull out of the data? Right now my worry is there’s too much data, too many metrics. You can say anything,” said Schneier. “But really, you’re making up a story with the data.” What you really need to do is measure the team’s performance. How are they doing? “If you can measure when and if your team responds and how they respond and how they react and how fast they close serious incidents then maybe you have something,” said Schneier who realizes that a lot of current metrics aren’t that useful. “How do you measure how effective you’d be against a Sony-like attack? You kinda can’t.” Here at Tenable we try to help security teams explain to the business their current state of security. It’s a hard thing to define, and it’s even harder to communicate. “There aren’t any really good pithy ways for the CISO to tell the board we’re doing OK, we’re not doing OK. It’s going to be gut. You’re going to stories instead of data,” said Schneier. “But there is this disconnect because it’s such a technical topic and the board really wants a soundbite.” FUTURE OF ENDPOINT SECURITY I shifted the conversation with Schneier to talk about endpoint security, and asked him how vigilant he felt we are with the proliferation of devices. “I worry less about computers and more about the cheaper devices – phones and the embedded devices, the Internet of Things. The endpoint security there is really terrible,” said Schneier. For all the unknown devices that perpetuate our networks, Schneier pointed out two competing visions. The first is requiring minimum standards for devices on the Internet. Any such requirements seem difficult if not impossible to enforce. The other, which seems more plausible, said Schneier, is that the network needs to be smarter. The reality is there are always going to be unknown devices on every network. The goal is to get security in spite of that.
Views: 1230 Tenable
#2 Routers, Firewalls, & Virtualization - Top Ten Things You Didn't Know About Nessus
In this segment we talk about how Nessus supports scanning, auditing, and patch checking for several different firewall and router platforms. We also discuss how you can integrate Nessus with your patch management systems.
Views: 2841 Tenable
Detecting Mobile Device Vulnerabilities Using Nessus
How to enable and use the Nessus plugins which identify mobile devices and vulnerabilities from your MDM (Mobile Device Management) servers.
Views: 12907 Tenable
Nessus Manager Deployment Strategies
Outlines deployment strategies for the Nessus Manager vulnerability management solution.
Views: 8254 Tenable
Introduction to SecurityCenter Continuous View
An introduction to Tenable Network Security's SecurityCenter Continuous View, which combines the power of Nessus with SecurityCenter, PVS, the Passive Vulnerability Scanner, and LCE, the Log Correlation Engine.
Views: 5945 Tenable
Working at Tenable: Technical Support Engineer
We need Tech Support people in our Dublin, Singapore & our Maryland HQ office. Meet the US team and get some tips on applying! https://careers.tenable.com/tech-support-US
Views: 799 Tenable
Introducing Tenable.io
Accurately identify, investigate and prioritize vulnerabilities. Managed in the Cloud. Tenable.io® is an integral component of the Tenable Cyber Exposure Platform that provides actionable insight into your entire infrastructure’s security risks, allowing you to quickly and accurately identify, investigate, and prioritize vulnerabilities and misconfigurations in your modern IT environment. Learn more at: https://www.tenable.com/products/tenable-io
Views: 1451 Tenable
Nessus HTML5 Interface Introduction
This video provides a brief introduction to the Nessus HTML5 interface.
Views: 6453 Tenable
Working at Tenable: Dublin Tech Support Engineer
Learn from our Dublin TSE team about what you need to join them on the Dublin Docks.
Views: 865 Tenable
Peekaboo Vulnerability - How It Works
Tenable Research discovered a critical vulnerability named Peekaboo permitting remote code execution in IoT network video recorders for video surveillance systems that would allow attackers to remotely view feeds and tamper with recordings. Here's an overview of how it works. Learn more on the Tenable blog: https://www.tenable.com/blog/tenable-research-advisory-peekaboo-critical-vulnerability-in-nuuo-network-video-recorder
Views: 2465 Tenable
Close the Gaps left by Traditional Vulnerability Management with Continuous Monitoring
Watch a preview video of the topics that will be discussed on a webcast featuring Ron Gula, CEO of Tenable Network Security, and guest Rick Holland, principal analyst with Forrester Research. Register for the Webcast: Americas: http://go.tenable.com/934XQB56800018c00bIdV00 EMEA: http://go.tenable.com/934XQB56800019b00bIdV00
Views: 1231 Tenable
Why Tenable Fits for the DoD
Description: Tenable CEO Ron Gula discussed the company's role in supporting the Defense Information Systems Agency's Assured Compliance Assessment Solution (ACAS)
Views: 972 Tenable
Nessus Scan Results & Filtering
Live view of results while scan is running, Different views of your scan data, Drilling down into the details quickly.
Views: 3794 Tenable
Nessus Scheduling, Report Emailing, and Result Modification
This video provides information on how to perform Nessus vulnerability scans on a schedule, email the reports to the appropriate people, and modify the results.
Views: 9053 Tenable
Nessus Local Patch Auditing
Remote vs local plugins, check for Windows missing patches, check for Linux missing patches, and patch management integration.
Views: 5435 Tenable
Ask ACAS - Tip 1: The 800-53 Dashboard for Configuration Auditing
In the first video of the series, Zach discusses the NIST 800-53 Dashboard for Configuration Auditing, which captures and automates the CCI families and their associated checks. You’ll hear how to configure, deploy, and use these checks to assess network issues.
Views: 1028 Tenable
Nessus Website Screenshots Feature
This video provides information on how to configure Nessus 5.2 to take a screenshot of all target websites and include them in the scan results.
Views: 5455 Tenable
Introduction to SecurityCenter 4.6 and PVS 3.8
Tenable Network Security has released SecurityCenter 4.6 and PVS 3.8. These new updates to SecurityCenter and the Passive Vulnerability Scanner include several new features and enhancements. Adding to the long-standing IPv6 capabilities of Nessus, both SecurityCenter and PVS now support IPv6. Combined, these create the only truly comprehensive IPv6 vulnerability assessment and management suite in the industry, and expand SecurityCenter CV's continuous monitoring capabilities to include IPv6 and dual stack IPv4/IPv6 environments. Other notable features include new asset creation tools, HTML5 dashboards, and multiple reporting enhancements. Watch this introductory video to see several of the new features and enhancements to SecurityCenter and PVS.
Views: 3061 Tenable
SecurityCenter Continuous View
SecurityCenter Continuous View
Views: 1291 Tenable
Vulnerability Metrics
Tenable CEO, Ron Gula, discusses how to analyze large amounts of vulnerabilities from Nessus and the PVS with a variety of scoring, asset classification and CVSS parsing examples.
Views: 5518 Tenable
Dan Kaminsky’s Prediction for the Next Silicon Valley
“Eighty four percent of Americans want something to be done with hacking,” said Dan Kaminsky (@dakami), chief scientist at White Ops Security, in our conversation at the 2015 Black Hat Conference in Las Vegas. That’s amazing to Kaminsky who claims you can’t get 84 percent of Americans to agree on anything. “These security problems are not just mainstream, they’re part of everyday life for everybody,” added Kaminsky. “But there’s consensus like there’s almost never consensus about anything… I see that consensus as being able to drive real genuine change. ” I responded by saying that consensus may be the result of people being more frightened by the increasing number of breaches. Kaminsky argued that we’re just aware of a problem that had always been there. We just didn’t’ know about it. “When I see that breaches are way up, you think it’s because breaches are way up. I think it’s because our detection and correction of them is finally starting to happen,” said Kaminksy. “[Because of this newfound visibility,] the era of hopefully permanent compromise is I’d like to say, if not coming to an end, at least everybody’s realizing just how bad it is.” Kaminsky went on to predict that the country that figures out how to host secure networks is going to host the next Silicon Valley. He bases his prediction on what has happened in the auto industry. The U.S. use to be the dominant player until Japan figured how to build cars better and that diminished the U.S.’s dominance in auto manufacturing. I argued that startups in Silicon Valley don’t build any security into their product. Kaminsky said that this can be remedied by building security tools for startups just like we’ve build tools for entrepreneurs to construct businesses. “We want to go ahead and tell the world this is how you build societies, this is how you build business. You use technology in a way that advances the speed of information,” said Kaminsky. “If we want to be able to tell people to do this, it has to be able to survive the onslaught and it’s not right now.”
Views: 698 Tenable
Meet our Dublin R&D Team!
We’ve more than tripled our Dublin team in the past year and we’re looking for additional engineers to enjoy the views of the Liffey from our new Dublin Docklands office. View our open roles here: https://careers.tenable.com/dublin-research-developer-jobs
Views: 836 Tenable
Tenable Nessus integration with Cisco ISE
A brief introduction to integrating Cisco ISE with Tenable's Nessus.
Views: 3577 Tenable
Bruce Schneier on Cloud Computing Trade-Offs
“As a business or as an individual you have to make a choice. Should I do this thing, whatever it is, on my computer and on my network or on a cloud computer on a cloud network,” asked Bruce Schneier (@schneierblog), CTO of Resilient Systems, Inc., in our conversation at the 2015 RSA Conference in San Francisco. Whatever you choose, you’re going to be making a tradeoff. Schneier recommends you first look at who your adversaries are. “If your adversaries are a cybercriminal I bet Google can do a better job at securing your stuff than you can. If your adversary is the U.S. government, Google will respond to court orders and not tell you about it, so maybe you’re better keeping it. It’s going to depend on what you’re worrying about,” said Schneier, who runs his personal email on his own computers, not so much for security reasons, but for control. He doesn’t want Google looking at his email or sending him advertising. Schneier understands that by hosting his own mail versus cloud-based mail will mean he’ll have to give up the ability to have access to his mail from any device and the ability to use Google’s anti-spam and Gmail features. In exchange, Schneier gets to use Eudora, his favorite email program. Plus, he can read his email on airplanes. For him that’s much more important. For a lot of people it’s not. If your business is moving to the cloud, you’ll have to ask similar questions. “Business service is the same way. You put stuff on the cloud you get a lot of benefits. You get a lot of benefits of the cloud services, the management of interactions among customers, you lose the ability to control it locally. Now for a lot of applications and a lot of businesses, that’s a really good trade off. It’s more reliable, it’s cheaper, it’s more feature rich, and you don’t have to manage it. That’s a plus. You don’t what country your data is in, maybe. That could be a minus. You don’t know what governments are accessing it. That could be a minus. For most companies I don’t think they care very much. It really depends on who your adversary is, what you’re worried about, and what your tradeoffs are,” said Schneier. Check out Schneier’s full video in which he talks about cloud computing trade-offs. I decided to keep a couple of other conversations we had about people’s exhaustion with security warnings and what management needs in order to make decisions about security.
Views: 710 Tenable
LCE 4.0 Overview with Ron Gula
Ron Gula, Tenable's own CEO and CTO, describes the new features included with the latest release of LCE (Log Correlation Engine) version 4.0.
Views: 1482 Tenable