Cesar Navas is a Security Content Engineer at Tenable. Cesar specializes in creating dashboards, reports and ARCs for Tenable.sc, addressing critical compliance issues, current vulnerabilities and network asset discovery. Cesar is knowledgeable with SCADA protocols and understands the difficulties of Vulnerability Management within a delicate SCADA Network. Cesar's expertise in Cyber Exposure and Vulnerability Management provide a solid foundation for the the data visualization content he develops.
On December 9, 2021, researchers published proof-of-concept (PoC) exploit code for a critical vulnerability in Apache Log4j, a Java logging library used by a number of applications and services. This vulnerability, identified as CVE-2021-44228, is a Remote Code Execution (RCE) vulnerability in Apache Log4j. This dashboard is designed to help organizations determine what assets may contain vulnerabilities susceptible to the Apache Log4j exploit.
The prevalence of web applications makes them a prime target for cyber criminals. Failure to secure web applications can lead to serious financial and reputational consequences. The WAS Overview dashboard provides a high-level summary of vulnerability data discovered by Tenable.io WAS scans.
On Jan 11, 2022 CISA issued an alert (AA22-011A) warning of increased risk to U.S. critical infrastructure. An additional alert was issued on Feb 16, 2022 (AA22-047A) warning of increased risks to U.S. Cleared Defense Contractors (CDCs) by Russian state-sponsored cyber attackers. CISA, the FBI, and NSA have issued recommendations to safeguard organizations against these threats. This report enables the risk manager to work with asset owners to establish an ongoing remediation action plan, which demonstrates compliance with this directive.
2021 was certainly a turbulent year, punctuated with the revelation of a critical vulnerability in the widely-used Apache Log4j library. The lingering Covid-19 pandemic had already accelerated online and cloud migration, providing ripe targets for attackers. Organizations were faced with higher risks from interconnectivity resulting in major disruption from breaches, ransomware attacks, and attacks on the software supply chain. Tenable’s 2021 Threat Landscape Retrospective (TLR) provides valuable lessons learned as attackers relentlessly exploited the software supply chain. Cyber security practices need to evolve to address modern technology deployments. This report leverages Tenable’s 2021 Threat Landscape Retrospective to identify the most notable vulnerabilities that occurred in 2021.
2021 was certainly a turbulent year, punctuated with the revelation of a critical vulnerability in the widely-used Apache Log4j library. The lingering Covid-19 pandemic had already accelerated online and cloud migration, providing ripe targets for attackers. Organizations were faced with higher risks from interconnectivity resulting in major disruption from breaches, ransomware attacks, and attacks on the software supply chain. Tenable’s 2021 Threat Landscape Retrospective (TLR) provides valuable lessons learned as attackers relentlessly exploited the software supply chain. Cyber security practices need to evolve to address modern technology deployments. This report leverages Tenable’s 2021 Threat Landscape Retrospective to identify the most notable vulnerabilities that occurred in 2021.
On December 9, researchers published proof-of-concept (PoC) exploit code for a critical vulnerability in Apache Log4j, a Java logging library used by a number of applications and services. The exploit allows an unauthenticated, remote attacker to exploit this flaw by sending a specially crafted request to a server running a vulnerable version of Log4j. CISA recommends that users review the Apache Log4j announcement and upgrade to Log4j 2.15.0 or apply recommended mitigations immediately.
The State of Qatar’s MOTC developed NIA Policy v2.0 to help agencies and entities to enable a full-fledged information security management system within their agency.
The risk managers are required to understand any problem areas within the security domain. This report assists the risk manager is assigning tasks to any number of IT operations teams.
The NIA Policy v2.0 is associated with the State of Qatar’s MOTC. This policy was developed to help agencies and entities in the State of Qatar enable a full-fledged information security management system within their agency. This report will enable the executive team to gauge the compliance of the NIA Policy within their organization.
The NIA Policy v2.0 is associated with the State of Qatar’s MOTC. This policy was developed to help agencies and entities in the State of Qatar enable a full-fledged information security management system within their agency. This dashboard will enable the executive team to gauge the compliance of the NIA Policy in relation within their organization.
The NIA Policy v2.0 requires that agencies include a comprehensive information security program in the development of software and acquisition. Tenable recommends using risk-based vulnerability management in conjunction with NIAv2 compliance efforts. The NIA Secure Software Summary dashboard can assist the organization by identifying vulnerabilities and events associated with weak programming practices.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.
Buy Tenable Web App Scanning
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.
Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.
Buy Tenable Lumin
Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.
Thank you
Thank you for your interest in Tenable Lumin. A representative will be in touch soon.
Request a demo of Tenable Security Center
Please fill out this form with your contact information.
A sales representative will contact you shortly to schedule a demo.
* Field is required
Request a demo of Tenable OT Security
Get the Operational Technology security you need.
Reduce the risk you don’t.
Request a demo of Tenable Identity Exposure
Continuously detect and respond to Active Directory attacks. No agents. No
privileges.
On-prem and in the cloud.
Request a demo of Tenable Cloud Security
Exceptional unified cloud security awaits you!
We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.
See Tenable One in action
Exposure management for the modern attack surface.
See Tenable Attack Surface Management in action
Know the exposure of every asset on any platform.
Get a demo of Tenable Enclave Security
Please fill out the form with your contact information and a sales representative will contact you shortly to schedule a demo.
Thank You
Thank you for your interest in Tenable Enclave Security. A representative will be in touch soon.
Tenable Nessus is the most comprehensive vulnerability scanner on the market today.
NEW - Tenable Nessus Expert now available
Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.
Fill out the form below to continue with a Nessus Pro trial.
Buy Tenable Nessus Professional
Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements
Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.
Thank you.
You should receive a confirmation email shortly and one of our Sales Development Representatives will be in touch. Route any questions to [email protected].