My Favorite Question to Ask Nessus Users
As Tenable CEO, I love to get all types of feedback from our customers. Nessus users give terrific feedback because they run Nessus everywhere and always have suggestions for features and improvements. When I get a chance to ask them about Nessus, I always ask them one question:
Have you ever found malware with Nessus?
If they say yes, then we can have a conversation about APT and bypassing anti-virus or even their sandbox. If an organization has an anti-virus program and deploys sandboxes, then Nessus finding malware is actually a significant event. It means that some set of known malware has bypassed the malware defenses. Even if the malware is minor to some extent, investigating how Nessus got it, why the resident anti-virus program didn’t find it, or why the sandbox didn’t see it can expose limits or holes in the security monitoring program.
If they say no, then we can have a conversation about their use of Nessus and if their deployment includes the use of credentialed scans. Normally, when I speak with a Nessus user who does not scan with credentials, they also aren’t taking advantage of malware auditing, patch auditing, configuration auditing, web application auditing, mobile device auditing or auditing cloud applications such as Salesforce.com.
Chances are, wherever you work, someone on your IT team is using Nessus. Feel free to make sure they are getting the most out of it and ask them what their experience has been; the answer may surprise you!
Related Articles
Cybersecurity Snapshot: North Korea’s Cyber Spies Hunt for Nuclear Secrets, as Online Criminals Ramp Up AI Use in the EU
July 26, 2024Check out a CISA-FBI advisory about North Korean cyber espionage on critical infrastructure orgs. Plus, what Europol found about the use of AI for cybercrime. Meanwhile, the risk concerns that healthcare leaders have about generative AI. And a poll on water plant cybersecurity. And much more!
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
May 16, 2024Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
Shifting the Paradigm: Why the Cyber Insurance Industry Should Focus on Preventive Security
May 13, 2024As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Malware
- Nessus