Tenable Releases Security Center 3.4
May 1, 2008Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page. Earlier this week, we released Security Center 3...
Nessus turns 10 !
April 4, 2008Ten years ago today, I announced the initial public release of Nessus on the bugtraq mailing list. The initial version would run only on Linux and was bundled with 50 plugins (vulnerability checks) wr...
Testing Windows Vista systems for FDCC compliance with Nessus
February 29, 2008Previously, I posted a blog which showed how Nessus Direct Feed and Security Center users could audit Windows XP Pro systems against FDCC compliance settings. In this blog entry, we will show how this...
Tenable CIS and FDCC Updates
February 14, 2008Tenable Network Security was recently awarded certification by the Center For Internet Security to perform audits of the following best-practices benchmarks: Windows Server 2003 Legacy Benchmark fo...
Nessus UNIX Configuration Auditing "sudo" Support
January 31, 2008Tenable's research group recently added support to all SSH enabled UNIX configuration audits to make use of "sudo". Support is available in version 1.4.4 of the UNIX compliance checks. Some org...
Updated Windows Compliance Auditing
January 16, 2008Previously we've blogged about upcoming changes to how Nessus Direct Feed and Security Center users perform configuration audits of Windows servers and desktops. Version 2 of the Windows Compliance co...
Exceeding CIS and NIST Benchmarks - Third Party Patch Auditing
November 26, 2007For organizations that actively keep track of and manage their base operating system patches and configurations, a somewhat lofty goal is to try and tighten down third party patches. Organizations can...
Windows XP Professional CIS Certified Configuration Audits
November 19, 2007Tenable Network Security has received certification for the Nessus vulnerability scanner and Security Center to perform Center for Internet Security configuration audits of the Windows XP operating sy...
Why Aren't Any NAC vendors CIS Certified or speaking XCCDF?
September 27, 2007I was asked this question by a customer of ours at the recent NIST SCAP conference and I'm loosely paraphrasing: "We use Nessus and the Security Center to audit 1000s of workstations and lapt...
Using Nessus Configuration Audits To Test FDCC Compliance
September 25, 2007Tenable has recently announced FDCC audit policies for Nessus ProfessionalFeed and Security Center users. These policies help government organizations test Windows XP Pro and Vista desktops against OM...
Digital Bond OPC Hardening Guide
September 21, 2007If you are using Nessus to audit a control system network, Digital Bond has recently released a set of guidelines (part 1, 2 and 3) for securing OPC servers. These guidelines include three Nessus conf...
CIS Certification for Solaris and SuSE Linux audits
September 4, 2007Tenable Network Security has received certification from the Center for Internet Security to perform configuration audits of the Solaris 9 and SuSE Linux 9 operating systems. Audits can be performed w...