News

Tenable Network Security, Inc. today announced it has released Security Center 3.4 for general availability. Tenable’s Security Center provides continuous, asset-based security and compliance monitoring. It unifies the process of asset discovery, vulnerability detection, data leakage detection, event management and configuration auditing for small and large enterprises.   More Information

On April 23rd and 24th, Marcus Ranum will be speaking at the Mnemonic Risk Management and Information Security Conference 2008 which will be held at the Ulleval Business Class in Norway.   More Information

Tenable Network Security, Inc. announced today that Tenable’s Security Center has been validated by NIST to perform Security Content Automation (SCAP) FDCC Compliance Auditing for the Microsoft XP and Vista platforms.   More Information

Tenable Network Security, Inc. today announced that Tenable’s Nessus 3 received recognition in the 2008 SC Magazine Awards program by being named a finalist in the Reader Trust Award for "Best Audit/Vulnerability Assessment Solution".   More Information

10 years ago today, Nessus was first released to the public. Renaud Deraison did a write up about these ten years on the Tenable blog.   More Information

Tenable Network Security is proud to announce the availability of Nessus® 3.2.0.

This new major releases contains several improvements, including:

- IPv6 support
- Improved control of network bandwidth usage during scanning
- Granular access to control rules to limit users to specific ports and audits
- Improved WMI support
- Full support for the new .nessus file format

Other notable improvements cover every area, ranging from reduced memory usage, new tools, improved port scanner, new NASL functions, and more.


This new release is available for Microsoft Windows, Linux, Solaris, Mac OS X and FreeBSD.   More Information

Tenable Network Security, Inc. announced today that it has engaged SAIC to perform Security Content Automation (SCAP) FDCC Compliance Testing for Tenable’s Security Center 3.2 Product suite for the Microsoft XP and Vista platforms.   More Information

Marcus Ranum, Chief of Security at Tenable Network Security, Inc., will participate in IDC's sixth annual IT Security Roadshow. IDC CEMA is the most trusted market intelligence and advisory firm in Central & Eastern Europe and the Middle East & Africa (CEMA).   More Information

Tenable is proud to announce the immediate availability of Nessus 3.1.9 beta.


The main changes compared to 3.1.5 are the following :

- Debian 4 and Fedora 8 builds
- Fixed several issues with counting the maximum number of TCP
sessions in parallel
- New nessusd.conf options (nasl_log_type, stop_scan_on_hang)
- During a scan, the number of TCP sessions in parallel shows up if log_whole_attack is set
- The 'nessus' command-line tool can now import .nessus files
- 'nessuscmd' can upload ssh keys and .audit files on the remote server
- Improved nessus_tcp_scanner
- Several bug fixes

   More Information

Tenable is proud to announce the availability of NessusClient 3.0.1.

NessusClient 3 is the official GUI for the standalone version of Nessus. Its key features are :

- Real-time results. No need to wait until the end of a scan to start analyzing the findings of Nessus
- Document based. Save your policies, scan results and scan targets into a single file
- New XML based report format. The new '.nessus' file format saves into a single XML file your scan policies, scan targets and scan results
- Multiple connections. NessusClient can connect to several scanners at the same time
- Consistent interface. The same interface exists on Mac OS X, Windows and Linux

This product can be downloaded from Nessus.org for Windows, Ubuntu Linux, Debian Linux, Red Hat Enterprise Linux 4 and 5, Fedora Core 6 and 7, and OpenSUSE 10.2

This update contains the following fixes :

- Exporting a policy to the old .nessusrc format now generates a file which properly configures the port scanners and plugin preferences

- On Windows, importing scan policies from NessusGUI.exe properly enables the plugins

   More Information

Tenable Network Security, Inc. will discuss how to better manage risk, with a focus on how detection and management technology continues to shape network security at the Pacific Information Security Forum.    More Information

Tenable has re-released the Nessus 3.0.6 package for Mac OS X. This new package (3.0.6.1) contains several fixes which would prevent it from installing properly on the newly released Mac OS X 10.5 operating system.   More Information

Tenable Network Security, Inc. today announced that the leading Windows Security resource site, WindowSecurity.com, announced that the Nessus Vulnerability Scanner was selected the winner in the Security Scanner Software category of the WindowSecurity.com Readers’ Choice Awards.   More Information

Ron Gula, Chief Executive Officer for Tenable Network Security, Inc., will address the Institute for Applied Network Security at the 5th Annual Midwest Information Security Forum.   More Information

Tenable Network Security is proud to announce the availability of the GA (general availability) version of NessusClient 3.

NessusClient is a new graphical user interface which is unified across Mac OS X, Linux and Windows. The key features of this product are :


- Real-time results. No need to wait until the end of a scan to start analyzing the findings of Nessus
- Document based. Save your policies, scan results and scan targets into a single file
- New XML based report format. The new '.nessus' file format saves into a single XML file your scan policies, scan targets and scan results
- Multiple connections. NessusClient can connect to several scanners at the same time
- Consistent interface. The same interface exists on Mac OS X, Windows and Linux

This product can be downloaded from Nessus.org for Windows, Ubuntu Linux, Debian Linux, Red Hat Enterprise Linux 4 and 5, Fedora Core 6 and 7, and OpenSUSE 10.2   More Information

Ron Gula, Chief Executive Officer for Tenable Network Security, Inc., will discuss "Keeping up with the Jones' Forensics" at the Techno Forensics 2007 Conference.   More Information

Tenable Network Security is proud to announce the availability of the fourth beta of NessusClient 3.

This release adds the ability to autenticate to a remote Nessus server with a SSL certificate, and allows users to export policies to the older nessusrc file format

Update 2007/10/02 : beta5 has been released. It fixes some last minute bugs which appeared in beta4 and ships with Qt 4.3.1.   More Information

Marcus Ranum, Chief Information Security Officer for Tenable Network Security, Inc., will present one-day workshops during Interop 2007 New York.   More Information

Tenable Network Security, Inc. today announced it has released SCAP compatible solutions to assist Federal Agencies in complying with the Office of Management and Budget's M-07-11 policy memorandum "Implementation of Commonly Accepted Configurations for Windows Operating Systems".    More Information

Tenable Network Security, Inc. is proud to announce the availability of NessusClient 3.0.0 beta3.

NessusClient 3 is a completely redesigned GUI for the Nessus server, which offers the same experience for Windows and Linux Mac OS X users have been experiencing for several months.

This new beta fixes several buglets and now offers the ability to convert older scans results from NessusGUI.exe (on Windows) and NessusClient 1.0.x (Linux) to the new .nessus file format.   More Information

Tenable Network Security, Inc. today announced it has upgraded from CVSS v1 to CVSS v2 of the National Institute of Standards and Technology (NIST) CVSS scores across Tenable’s entire vulnerability management product line to help organizations improve discovery of vulnerabilities and to prioritize remediation efforts.   More Information

Tenable Network Security, Inc. today announced that Tenable Security Center v3.2 and Nessus v3.0 have been certified by the Center for Internet Security (CIS) to conduct CIS Certified agent-less configuration audits for the following CIS Benchmarks: CIS Level 1 Benchmark for Red Hat Enterprise Linux v1.0.5, FreeBSD Benchmark v1.0.5, Windows Server 2003 Member Server v1.2 – Legacy, Windows Server 2003 Member Server v1.2 – Enterprise, and Windows Server 2003 Member Server v1.2 – Specialized Security.   More Information

A new version of Nessus 3.0.6.1 for Windows has been released.

This version fixes a security problem which exists on every version of Nessus 3.0.x for Windows with regards to the NessusGUI.exe interface which registers an ActiveX which contains a security vulnerability.

Every Windows user is highly encouraged to upgrade to this version.   More Information

Tenable Network Security, Inc. today announced the launch of Tenable's Federal Partner program. This program welcomes Apptis, Core Enterprises, G2, Government Acquisitions, GTSI, ManTech and STG International as strategic Federal Partners of Tenable.    More Information

Tenable Network Security, Inc. today announced that it has been awarded a CIS certification for FreeBSD audits.

These checks can be performed by customers using the Nessus Policy Compliance checks plugins which come as part of the Nessus Direct feed.
   More Information

Tenable Network Security, Inc. is proud to announce the availability of NessusClient 3.0.0 beta1.

NessusClient 3 is a completely redesigned GUI for the Nessus server, which offers the same experience for Windows and Linux Mac OS X users have been experiencing for several months.

Its key features are the following :

- Real-time results. No need to wait until the end of a scan to start analyzing the findings of Nessus
- Document based. Save your policies, scan results and scan targets into a single file
- New file format. The new '.nessus' file format (which is XML based) saves into a single file your scan policies, scan targets and scan results
- Multiple connections. NessusClient can connect to several scanners at the same time
- Consistant interface. The same interface exists on Mac OS X, Windows and Linux

This beta can be downloaded from Nessus.org for Windows, Ubuntu Linux, Red Hat Enterprise Linux 4 and 5, Fedora Core 6 and 7, and OpenSUSE 10.2

A blog entry details this release furthermore.   More Information

Tenable Network Security, Inc. is proud to announce the availability of Nessus 3.0.6 for Windows, Mac OS X, Linux, Solaris and FreeBSD.

This release contains the following fixes and enhancements :

- Fixed a cross site scripting vulnerability in the Windows GUI
- Fixed a possible segfault condition occuring when multiple clients simultaneously log into the nessusd server
- Fixed a memory leak in nasl scripts containing a function on_exit()
- Improved performance when logging into nessusd
- The scan does not fail any more if the main nessusd process runs out of file descriptors (this would occur on Solaris with max_host set to a value higher than 200)
- Several fixes in the NASL interpreter
- Builds for Fedora Core 7 and Red Hat ES 5


Tenable would like to thank to Japanese CERT for having notified us about the Windows cross site scripting issue.   More Information

Tenable Network Security, Inc. today announced that it has been awarded a CIS certifications for Red Hat Enterprise Linux audits.

These checks can be performed by customers using the Nessus Policy Compliance checks plugins which come as part of the Nessus Direct feed.

A blog entry details how to use these while doing your audits.   More Information

Today, Tenable released Nessus 3.1.4 beta. Here are the main changes compared to Nessus 3.1.3 :

- 64 bits builds (for Debian 4 and Red Hat ES 5 only at this time)
- Fedora Core 7 build
- Better support for IPv6. In particular, the functions get_local_mac_addr() / get_gw_mac_addr() work when dealing with an IPv6 host
- Fixed a bug related to the maximum number of TCP sessions set in parallel and which would cause nessusd to use more CPU than what is necessary
- Added several fixes in the NASL interpreter. In some cases, a copy-on-write operation would not be detected properly thus leading to incorrect modifications of some variables ;
- Fixed nessuscmd which would not be able to use the local nessus daemon any more
- The 'nessus' command-line utility can now produce the same report type (.nessus) as the Mac OS X client
- Several other smaller bug fixes as well as further optimisations to reduce memory usage.

The whole Nessus 3.1.x series is considered as being in beta. When it reaches production quality, it will be labelled Nessus 3.2.x. The main list of changes between Nessus 3.2 and Nessus 3.0 is available on Tenable's blog   More Information

Tenable Network Security, Inc. today announced that it has been awarded three different CIS certifications for Windows Domain Controllers audits.

These checks can be performed by customers using the Nessus Policy Compliance checks plugins which come as part of the Nessus Direct feed.

A blog entry details how to use these while doing your audits.   More Information

Tenable Network Security, Inc. today extends Tenable's Security Center's capability to identify and monitor sensitive "data at rest" and "data in motion"   More Information

Older news