Josef Weiss is a Senior Software Engineer at Tenable, and expertly tracks vulnerabilities, threats, and cybersecurity risks and manages processes & dependencies around detecting such events. Josef is also responsible for identifying new or potentially new threats (for example vulnerabilities or malware) and monitoring levels of threat activity. The typical day includes researching and documenting vulnerabilities and cyber-attacks, including techniques being used by responsible parties. This cyber intelligence is used to ensure that Tenable Research reacts appropriately to any new or existing threats. Prior to joining Tenable, Josef’s experience spanned over 19 years in information security. He has worked as a security engineer and architect for the Big 4, several major universities, large healthcare organizations and the telecommunications industry. Josef, who holds many certifications, is a Certified Information Systems Security Professional (CISSP), and a Python programmer.
The Security Content Automation Protocol (SCAP) is a line of standards managed by NIST that was created to provide a standardized approach to maintaining the security of enterprise systems. This collection presents the analyst with SCAP audit findings within the environment. Results assist the analyst in identifying and securing potential areas of compromise.
During a resource attack, a resource is depleted to the point that its functionality is affected, essentially creating a denial of service attack. Utilizing LCE and deployed LCE Clients, these common resources can be easily monitored through SecurityCenter Continuous View (SecurityCenter CV). This report contains event data to assist in monitoring resource depletion.
During a resource attack, a resource is depleted to the point that its functionality is affected, essentially creating a denial of service attack. Utilizing LCE and deployed LCE Clients, these common resources can be easily monitored through SecurityCenter Continuous View (CV). This dashboard contains several components to assist in monitoring resource depletion.
Large anomalies may be indicative of malicious behavior or network failure. Each hour, the Log Correlation Engine (LCE) stats daemon analyzes the previous hour of activity and attempts to identify any series of events on every monitored host to look for anomalies. This report displays results utilizing the user summary tool to display user accounts associated with any existing large anomalies in the environment.
The DoD uses STIG audits to analyze risk and identify configuration vulnerabilities, as part of the proper IA controls. This collection presents the analyst with vulnerability data utilizing STIG Severity Codes in an easy to understand method. Pass/Fail compliance related audit data is located in SecurityCenter by either MAC or CAT Level code identification.
As part of the proper IA controls, the Department of Defense (DoD) uses STIG audits to analyze risk and identify configuration vulnerabilities. The configuration settings are classified using DISA FSO (Defense Information Systems Agency, Field Security Operations) Severity Category Codes (e.g., CAT Levels). This collection presents the analyst with these STIG Severity Category Codes in an easy to understand method.
The DoD uses Security Technical Implementation Guide (STIG) audits to analyze risk and identify configuration vulnerabilities. As part of the proper Information Assurance (IA) controls, the configuration settings are classified using Mission Assurance Category (MAC) Levels. This report presents the analyst with STIG classification and MAC levels in an easy to understand method.
The DoD uses Security Technical Implementation Guide (STIG) audits to analyze risk and identify configuration vulnerabilities, as part of the proper Information Assurance (IA) controls the configuration setting are classified using Mission Assurance Category (MAC) Levels. This collection presents the analyst with STIG classification and MAC levels in an easy to understand method.
Tracking insiders through log analysis and account auditing is a key component of the SecurityCenter Continuous View. This collection provides details about VPN event triggers, and provides information on the local network and where user accounts are used. The four components provide details about VPN specific events, with one component providing details on New User and New Network User events.
Organizations often express difficulty in identifying devices on the network or software installed on systems. This report displays triggered detections within the environment, using active, passive and event based detection methods.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.
Tenable Vulnerability Management
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.
Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.
Buy Tenable Web App Scanning
Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.
Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.
Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.
Buy Tenable Lumin
Contact a sales representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.
Thank you
Thank you for your interest in Tenable Lumin. A representative will be in touch soon.
Request a demo of Tenable Security Center
Please fill out this form with your contact information.
A sales representative will contact you shortly to schedule a demo.
* Field is required
Request a demo of Tenable OT Security
Get the Operational Technology security you need.
Reduce the risk you don’t.
Request a demo of Tenable Identity Exposure
Continuously detect and respond to Active Directory attacks. No agents. No
privileges.
On-prem and in the cloud.
Request a demo of Tenable Cloud Security
Exceptional unified cloud security awaits you!
We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.
See Tenable One in action
Exposure management for the modern attack surface.
See Tenable Attack Surface Management in action
Know the exposure of every asset on any platform.
Get a demo of Tenable Enclave Security
Please fill out the form with your contact information and a sales representative will contact you shortly to schedule a demo.
Thank You
Thank you for your interest in Tenable Enclave Security. A representative will be in touch soon.
Tenable Nessus is the most comprehensive vulnerability scanner on the market today.
NEW - Tenable Nessus Expert now available
Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.
Fill out the form below to continue with a Nessus Pro trial.
Buy Tenable Nessus Professional
Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.
Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.
Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.
Learn How Tenable Helps Achieve SLCGP Cybersecurity Plan Requirements
Tenable solutions help fulfill all SLCGP requirements. Connect with a Tenable representative to learn more.
Thank you.
You should receive a confirmation email shortly and one of our Sales Development Representatives will be in touch. Route any questions to [email protected].