TMCnet News
Tenable Network Security Customers Gain Fast Advantage over Shellshock; New plugins, wizard and dashboard for Tenables popular Nessus and SecurityCenter products help businesses stay ahead of emerging threat(M2 PressWIRE Via Acquire Media NewsEdge) London, UK -- On Sept. 24, the world learned about Shellshock, a major security vulnerability in the ubiquitous Bash Unix shell. Less than 24 hours after the news broke, Tenable Network Security, Inc., the leader in continuous network monitoring, announced the release of a robust set of detection plugins and a new Shellshock policy wizard for its Nessus vulnerability scanner, the global standard in detecting and assessing network data. These upgrades were followed closely by a special Shellshock dashboard for SecurityCenter Continuous View, which allows for the most comprehensive and integrated view of network health. Protecting your business from something like Shellshock means staying ahead of the people who mean you harm, said Ron Gula, CEO at Tenable. From the first news of the vulnerability, Tenable was working hard to ensure that our customers had up-to-date and actionable information about Shellshock in their networks. Shellshock comes only months after the discovery of Heartbleed, a massive vulnerability in the Internets cryptography protocol, Open SSL. While the long-term impact of Shellshock remains undetermined, Gula believes it surpasses Heartbleed in severity due in part to detection difficulty. Heartbleed was relatively easy to detect, said Gula. Shellshock, on the other hand, is harder to detect because you have to check every possible attack vector, which means having the proper configuration and auditing every single one of your network assets. Widespread vulnerabilities such as Heartbleed and Shellshock have a tendency to reappear in your environment, said Paul Asadoorian, product marketing manager at Tenable. Determining where and how your business is vulnerable to Shellshock requires verifying that the patch was properly installed on the system, which is something Nessus and SecurityCenter CV do quite well. The discovery of security holes in two of the worlds most widely adopted open source programs highlights what may be yet to come. We are in a situation where many of these decades-old open source programs have become industry standards and provide the underpinning for the Internet as we know it. We must do more as an industry to audit and secure these key elements of our digital infrastructure, said Gula. To ensure that their systems are safe, existing Tenable customers should download the Nessus Shellshock plugins by visiting the Nessus Newest Plugins page. SecurityCenter users should also take advantage of the Shellshock dashboard to identify affected subnets, key indicators of compromise, and vulnerable systems by operating system and type. Those who want to learn more about how Tenables Nessus Policy Wizard identifies Shellshock vulnerability can visit the Nessus Discussions forum. About Tenable Network Security Tenable Network Security provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Our family of products includes SecurityCenter Continuous View, which provides the most comprehensive and integrated view of network health, and Nessus, the global standard in detecting and assessing network data. Tenable is relied upon by more than 24,000 organizations, including the entire U.S. Department of Defense and many of the worlds largest companies and governments. For more information, please visit www.tenable.com. Contact Information: Dulcie McLerie Smile on Fridays [email protected] +44 203 696 5822 Carolina Brealey Smile on Fridays [email protected] +44 203 696 5823 . (c) 2014 M2 COMMUNICATIONS |