Tenable Solutions

Web Application Auditing

Tenable Network Security's Unified Security Monitoring solutions can fully instrument and monitor the security of your web applications. Tenable's combination of scanning, passive monitoring, credentialed auditing and real-time log analysis is the most comprehensive approach to web security monitoring in the industry.

  • Tenable Nessus scans identify your web servers and databases.
  • Continuous monitoring with the Tenable Passive Vulnerability Scanner (PVS) identifies all of your web servers, virtual web servers and databases in real time, regardless of which port they run on. It also identifies hosted content and any active forms that have been passively discovered in real time.
  • Web application audits with Nessus identify SQL injection, XSS and many other types of web security issues.
  • Nessus also scans for thousands of known web vulnerabilities in vendor software, applications, databases, libraries and frameworks such as PHP.
  • Nessus audits the configuration of your web servers and SQL databases against Center for Internet Security, DISA STIG and OWASP best practices.
  • The Tenable Passive Vulnerability Scanner decodes all SQL traffic and sends it to the Log Correlation Engine (LCE) for logging of database queries, forensic analysis of attacks and auditing of database changes.
  • The Tenable Log Correlation Engine accepts logs from web servers, web application firewalls and the underlying operating system of the web server, and also performs file integrity monitoring. Web logs can be searched and reports created for errors, system performance, evidence of attacks and anomalies.
  • Nessus and the PVS may be used to identify expired SSL certificates on any port.

For large enterprises, Tenable's approach ensures continuous detection of all active web servers. For example, if a new web site is added to an existing web server, traditional vulnerability scanning will not identify it, while passive monitoring with the Tenable Passive Vulnerability Scanner will.

For web application security teams, Tenable's solutions allow for end-to-end monitoring of all web queries, tracking web errors, tracking changes to the web server, auditing all commands run on the web server or databases, identification of vulnerabilities and identification of system compromises.
