Personalizing Your Tenable.io Scans

Tenable.io™ Scan and Policy Templates allow you to set up scans with minimal configuration. There are templates for many tasks, such as Host Discovery, detecting the latest headline-grabbing malware, managing mobile devices and more. However, your network is constantly evolving. Eventually the predefined templates will not satisfy the needs of your network. With Tenable.io, you can optimize the management of your network’s cyber risk by designing and launching customized vulnerability scans that are tailored to your organization. Each template enables a specific set of plugins, and each plugin performs a different security check. By choosing the “Advanced Network Scan” template, you can select your own plugins. Similar plugins are broken up into Plugin Families. These Plugin Families may include plugins that run local checks, which require authentication credentials and test for vulnerabilities specific to the host manufacturer or OS distribution, or remote checks that do not gain access to the host before running the test. Creating a customized Advanced Network Scan policy is a good way to ensure that you receive the necessary information regarding your network’s cyber risk and exposure in a timely fashion.   Enumerating All...
Read more

Tenable Internship Takeaways: Understanding Different Port Scanning Techniques

As a summer intern for the research and development department at Tenable, I was surprised when my manager gave me a relatively straightforward first task: find every machine in the lab. I knew that some form of port scan was needed. Maybe I could start with a ping sweep of some IP range, or maybe something more comprehensive. But my manager also added some nuance to the project. I had to put myself in the shoes of a Tenable customer, and my objective was to present a plan to discover machines and to identify the Cyber Exposure risk on the lab network using Tenable.io. The first step was to define the network subnets, and then I had to scan the networks for vulnerabilities. TCP Handshaking TCP and SYN are two methods that stem from the concept of TCP handshaking. When two computers communicate over TCP/IP, flags are set on the TCP layer of a packet. A TCP flag is a series of bits that indicates how a packet should be handled by the server. Some important flags to remember are SYN (synchronize), ACK (acknowledge), RST (reset), FIN (no more data to send). In TCP handshaking, one computer sends a...
Read more