Feeds:
Posts
Comments

Posts Tagged ‘Tenable’

This video is about E-SPIN & Tenable Network Security: CyberSecurity Transformation Challenges and Solutions event cover the event opening, guest speaker talks, socialize and networking session summary and highlight

E-SPIN & Tenable Network Security CyberSecurity Transformation Challenges and Solutions

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a E-SPIN & Tenable Network Security CyberSecurity Transformation Challenges and Solutions what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

E-SPIN_Tenable_CyberSecurity_Transformation_EventPoster

Please join E-SPIN, Westcon and Tenable Network Security for an day of networking, food, and fun. This event will provide those in technology and cybersecurity with the opportunity to grow their security knowledge via an immersive hands-on cybersecurity sharing experience.

For more info , please click on this link https://goo.gl/DKHPiV

Read Full Post »

This video is about Web Application Security Challenges and Solution by E-SPIN

Web Application Security Challenges and Solution

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Web Application Security Challenges and Solution what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

tenable-io_product_overview_malay_version

This video is about Tenable.io product that presented in Malay version .

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

tenable-io_product_overview

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

Tenable’s Unified Security Monitoring (USM) solution uniquely solves that challenge by integrating active and passive vulnerability management with SIEM capabilities –- providing a contextualized and prioritized view of events and activity. USM helps users quickly focus their attention and energies on the most pressing security issues, as well as ferreting out suspicious activity that would otherwise go undetected.

teable_LCE

New release of Tenable’s Log Correlation Engine (LCE) version 4 adds several new features that enhance its ability to support complex enterprise environments, as well as make the day-to-day jobs of users easier and more productive. Here are some of the key upgrades:

  • Much faster processing speeds. LCE v4 can process more than 30,000 events per second. That’s up to 20 times faster than version 3, made possible through multi-core support and other engine improvements.
  • ‘Smart’ load balancing. LCE v4 automatically routes tasks to new or underutilized servers when workloads increase, enhancing efficiency.
  • Enhanced event full-text search. Allows LCE users to identify specific events and network-based activity by rapidly sifting through mountains of log data, saving time and improving efficiency.
  • Easier deployment, administration, and operation; centralized administration of LCE Client systems. Existing LCE users will welcome operational enhancements, including the ability to update remote client configuration settings through changes on a central LCE server, saving time and reducing the potential for errors.

Tenable Log Correlation version 4 increases employees work efficiency by implementing easier user guide for further understanding to reduce product complexity.

For more information about Tenable LCE v4, please visit

http://e-spincorp.com/espinv3/index.php/tenable-network-security/tenable-solutions

Read Full Post »

We often hear about vulnerabilities in client software, such as web browsers and email applications, that can be exploited by malicious content. The repeated stories about botnets, infected web sites, and viruses which infect us with malicious documents, movies, and other content have ingrained the concept of an exploitable client in our minds.

In this blog entry, we will discuss auditing client software for vulnerabilities and describe the three different types of client-side exploits and how they can impact the risk of your network.

Auditing Client-Side Exploits

The largest misconception I’ve encountered from security auditors who test client-side software is a focus on the operating system or application. Nessus audits hundreds of different manufacturer patches and will readily identify issues in an operating system that were not shipped with the operating system.

The solution is to perform a complete patch audit of a scanned system. Passive Vulnerability Scanner will identify client vulnerabilities based on DNS lookups, web queries, dedicated client protocols, and analysis of unencrypted conversations over FTP, SMTP, IMAP, SMB, and many others.

tenable-pvs

Type 1 – Traditional Client-side Exploits

These exploits target browsers, browser plugins, and email clients. Today, there is a fine line between email and web applications since many email applications share libraries when viewing emails that have been formatted with HTML content.

Type 2 – Clients with Exposed Services

Many types of client software will actually open up a socket and run a service that communicates on the network. If the host is directly connected to the Internet or to mobile broadband networks and it does not have a firewall, it may be attacked directly without any need for user interaction such as opening an email.

Within Nessus 5, this can be refined further within your scan policy by adding a filter for a “plugin type” of “remote” as compared to a credentialed “local” check. Combinations can be further added to target specific classes of software.

Type 3 – Clients Exposed to Hostile Servers

This type of client exploit may seem very similar to our first type, but the differentiation is that the server isn’t hosting hostile data –- the server itself can be manipulated to attack a client directly.

Vulnerabilities like this can be used to hop through firewalls in a much more direct manner than by attempting to compromise an administrator’s system with some sort of Internet-based social engineering exploit. If the administrative access to the DMZ systems is allowed from an internal network and there is vulnerable client software in use, a DMZ server under control of an attacker could modify the service to conduct attacks against the client.

Some example vulnerabilities detected by Nessus that could be used to run code from a maliciously controlled server:

Code execution in FTP clients:
21565 FileZilla FTP Client Unspecified Overflow

Code execution in SSH clients:
37021 FreeBSD : putty — buffer overflow vulnerability in ssh2 support (19518d22-2d05-11d9-8943-0050fc56d258)

Code execution in SNMP clients:
38099 USN-685-1 : net-snmp vulnerabilities

Code execution in web clients:
49102 USN-982-1 : wget vulnerability

45133 Firefox < 3.6.2 Multiple Vulnerabilities
51162 MS10-090: Cumulative Security Update for Internet Explorer (2416400)

To find out further code that can help your organization to enhance your network security  explore the information given below in

info@e-spincorp.com

http://e-spincorp.com/espinv3/index.php/tenable-network-security

Read Full Post »

Older Posts »