Posts Tagged ‘Tenable’


Please join E-SPIN, Westcon and Tenable Network Security for an day of networking, food, and fun. This event will provide those in technology and cybersecurity with the opportunity to grow their security knowledge via an immersive hands-on cybersecurity sharing experience.

For more info , please click on this link https://goo.gl/DKHPiV

Read Full Post »

This video is about Web Application Security Challenges and Solution by E-SPIN

Web Application Security Challenges and Solution

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Web Application Security Challenges and Solution what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »


This video is about Tenable.io product that presented in Malay version .

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »


For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

Tenable’s Unified Security Monitoring (USM) solution uniquely solves that challenge by integrating active and passive vulnerability management with SIEM capabilities –- providing a contextualized and prioritized view of events and activity. USM helps users quickly focus their attention and energies on the most pressing security issues, as well as ferreting out suspicious activity that would otherwise go undetected.


New release of Tenable’s Log Correlation Engine (LCE) version 4 adds several new features that enhance its ability to support complex enterprise environments, as well as make the day-to-day jobs of users easier and more productive. Here are some of the key upgrades:

  • Much faster processing speeds. LCE v4 can process more than 30,000 events per second. That’s up to 20 times faster than version 3, made possible through multi-core support and other engine improvements.
  • ‘Smart’ load balancing. LCE v4 automatically routes tasks to new or underutilized servers when workloads increase, enhancing efficiency.
  • Enhanced event full-text search. Allows LCE users to identify specific events and network-based activity by rapidly sifting through mountains of log data, saving time and improving efficiency.
  • Easier deployment, administration, and operation; centralized administration of LCE Client systems. Existing LCE users will welcome operational enhancements, including the ability to update remote client configuration settings through changes on a central LCE server, saving time and reducing the potential for errors.

Tenable Log Correlation version 4 increases employees work efficiency by implementing easier user guide for further understanding to reduce product complexity.

For more information about Tenable LCE v4, please visit


Read Full Post »

We often hear about vulnerabilities in client software, such as web browsers and email applications, that can be exploited by malicious content. The repeated stories about botnets, infected web sites, and viruses which infect us with malicious documents, movies, and other content have ingrained the concept of an exploitable client in our minds.

In this blog entry, we will discuss auditing client software for vulnerabilities and describe the three different types of client-side exploits and how they can impact the risk of your network.

Auditing Client-Side Exploits

The largest misconception I’ve encountered from security auditors who test client-side software is a focus on the operating system or application. Nessus audits hundreds of different manufacturer patches and will readily identify issues in an operating system that were not shipped with the operating system.

The solution is to perform a complete patch audit of a scanned system. Passive Vulnerability Scanner will identify client vulnerabilities based on DNS lookups, web queries, dedicated client protocols, and analysis of unencrypted conversations over FTP, SMTP, IMAP, SMB, and many others.


Type 1 – Traditional Client-side Exploits

These exploits target browsers, browser plugins, and email clients. Today, there is a fine line between email and web applications since many email applications share libraries when viewing emails that have been formatted with HTML content.

Type 2 – Clients with Exposed Services

Many types of client software will actually open up a socket and run a service that communicates on the network. If the host is directly connected to the Internet or to mobile broadband networks and it does not have a firewall, it may be attacked directly without any need for user interaction such as opening an email.

Within Nessus 5, this can be refined further within your scan policy by adding a filter for a “plugin type” of “remote” as compared to a credentialed “local” check. Combinations can be further added to target specific classes of software.

Type 3 – Clients Exposed to Hostile Servers

This type of client exploit may seem very similar to our first type, but the differentiation is that the server isn’t hosting hostile data –- the server itself can be manipulated to attack a client directly.

Vulnerabilities like this can be used to hop through firewalls in a much more direct manner than by attempting to compromise an administrator’s system with some sort of Internet-based social engineering exploit. If the administrative access to the DMZ systems is allowed from an internal network and there is vulnerable client software in use, a DMZ server under control of an attacker could modify the service to conduct attacks against the client.

Some example vulnerabilities detected by Nessus that could be used to run code from a maliciously controlled server:

Code execution in FTP clients:
21565 FileZilla FTP Client Unspecified Overflow

Code execution in SSH clients:
37021 FreeBSD : putty — buffer overflow vulnerability in ssh2 support (19518d22-2d05-11d9-8943-0050fc56d258)

Code execution in SNMP clients:
38099 USN-685-1 : net-snmp vulnerabilities

Code execution in web clients:
49102 USN-982-1 : wget vulnerability

45133 Firefox < 3.6.2 Multiple Vulnerabilities
51162 MS10-090: Cumulative Security Update for Internet Explorer (2416400)

To find out further code that can help your organization to enhance your network security  explore the information given below in



Read Full Post »

Tenable Network Security, Inc., the leader in Unified Security Monitoring(USM), today announced the availability of the Nessus® 5.0 vulnerability scanner, new version of Industry’s Most Widely-deployed Vulnerability and Configuration Assessment Solution Enhances Usability, Policy Creation, Efficiency, and Communication.

“Version 5.0 builds on the solid foundation Nessus has established for quality and accuracy, and now makes it easier and faster to install and use.”

Nessus 5.0 delivers top-line business benefits by introducing enhancements that streamline and optimize each of the major phases of thevulnerability and configuration assessment process. Specific benefits include:


  1. Streamlined startup – New installation wizard and web interface ensure Nessus 5.0 is up-and-running, completely configured in minutes.
  2. Rapid policy creation – More than two dozen new plugin filters make it fast and easy to create policies for targeted scans. Selecting multiple filter criteria, such as, vulnerability publication date, public vulnerability database ID, information assurance vulnerability alert (IAVA), and more, makes it simple to identify easily-exploitable vulnerabilities.
  3. Industry-leading efficiency – Real-time scan results combined with on-the-fly filtering allow users to quickly see risk level and act upon vulnerability data without waiting for the scan to complete. One-click navigation makes it easy to jump from critical vulnerability to vulnerable host to the details of the vulnerability. Five severity levels quickly separate informational data from actionable results.
  4. Fully customizable reports – Multiple filters, results management, and new pre-configured report formats allow users to produce targeted reports tailored to fit the needs/interests of executives, systems administrators, and auditors. Users can also combine multiple report templates into a single, comprehensive report, which can be delivered in a variety of formats, including PDF.

LCE Version 4 introduces several new enhancements that speed results, optimize workflow, and improve system reliability including:

  1. Event Processing Speeds in Excess of 30,000 events per second give network, security, and compliance teams near-instant visibility, pinpointing threats and misconfiguration.
  2. ‘Smart’ Load Balancing goes beyond simple “round robin” server switching capabilities by automatically targeting new or underutilized servers when workloads increase. Users can dynamically add new instances of LCE that will aggressively accept workloads until it has caught up with its peers.
  3. Enhanced Event Full-text Search allows LCE users to identify specific events and network based activity by rapidly sifting through mountains of log data. 

These updates, along with additional functionality enhancements embedded in LCE Version 4.This integration delivers two key business benefits: 

  1. Cost Savings: Integration between log correlation and vulnerability management improves operational efficiency and reduces costs by eliminating the need for a standalone log management solution that requires additional staffing and financial resources.
  2. Rock-Solid Security:The integration of log correlation data with vulnerability intelligence results in streamlined compliance, faster and more reliable attack mitigation and detection, and deeper intelligence and reporting on existing and emerging risks. 

If you want to access to the full detailed topic over of the above information, please feel free to subscribe for our free newsletter and get access to the professional reading book: database security. The article is cater for vulnerabilities, threats, and compliance data, delivering real-time network vulnerability intelligence and threat correlation. 

For more information please visi





Read Full Post »

Older Posts »