0:00 00:00:00:00 - 00:00:15:02 Speaker 1
0:00 I'm pretty excited to finally be able to do this series on Tenable. And to
0:03 show you some of the updates since my last series on Tenable. So I'm going to
0:06 call this one Tenable Vulnerability Management 2025. And as you know,
0:10 like I just want to show you this great Tenable Vulnerability Management. It lives
0:13 right here within this fleet. 00:00:15:03 - 00:00:34:49
0:15 Speaker 1 This is only
0:15 one of the Tenable products. But since I did my last video, Tenable has a whole bunch of things
0:20 that they've added. So I just want to kind of briefly talk about these. So the identity
0:24 exposure is one that targets Active Directory. If you're not familiar with Active Directory,
0:28 take a second to look it up. But this one is for securing or identifying vulnerabilities as
0:33 Active and Active Directory. 00:00:34:54 - 00:00:52:33
0:34 Speaker 1 You got the attack surface
0:36 management. This is one that allows you basically you're trying to determine the paths that attacker
0:40 can take to compromise your system. So it kind of goes in and gives you like some really good
0:45 insight to be able to understand how people can attack you. Cloud security. This is stuff that you
0:50 do to be able to secure and, and 00:00:52:33 - 00:00:53:09
0:52 Speaker 1 and
0:53 00:00:53:09 - 00:00:54:30 Speaker 1
0:53 audit your cloud environment. 00:00:54:31 - 00:00:58:53
0:54 Speaker 1 So this is the governance
0:55 OT, operational technology. This is dealing with like
0:58 if you're thinking like, 00:00:58:53 - 00:01:16:08
0:58 Speaker 1 like manufacturing plants or rock quarries or, or
1:03 anything that produces something that industrial level they have, what's called PLCs, project logic
1:07 controllers and basically little devices and sensors that control when machines do this and
1:13 that. And if that gets compromised or slow down 00:01:16:08 - 00:01:20:47
1:16 Speaker 1 it could lead from everything to maybe, maybe
1:18 messing the product to also injuring people 00:01:21:04 - 00:01:30:33
1:21 Speaker 1 So OT environment
1:22 is a big one and honestly, we need more people who are who are working to become an
1:25 expert in OT security vulnerability management. This is what we're doing,
1:29 basically scanning endpoints, 00:01:30:33 - 00:01:45:09
1:30 Speaker 1 to look for vulnerabilities
1:31 for most of our endpoints, IPs and domains. Web application scanning. This is a specific
1:36 one that you have to that's in addition to the vulnerability management in the other products,
1:40 but it scans your web applications looking for actual vulnerabilities
1:43 in their telco inventory. 00:01:45:09 - 00:01:46:23
1:45 Speaker 1 Not familiar with that, but,
1:46 00:01:46:23 - 00:02:01:08 Speaker 1
1:46 because you already have the asset feature but looks like it's something cool, I want to get
1:49 into this a little bit later, and then Lumin assesses your risk. So this kind of means like
1:54 you're basically doing an assessment of your cyber risk exposure compared to other others
1:59 in the industry or, or your peers 00:02:01:08 - 00:02:13:48
2:01 Speaker 1 So and alone as far as your view.
2:03 So I've actually done some, some work on these like just some training and understanding these,
2:07 but not not really a lot to dig in and really fully understand this. So let's go ahead. Let's
2:12 jump into Tenable Vulnerability Management 00:02:13:48 - 00:02:17:23
2:14 Speaker 1 Okay. So now we're in the Tenable vulnerability
2:15 manager environment. So this is environment. 00:02:17:23 - 00:02:22:44
2:17 Speaker 1 And basically what I do is I use this this is
2:20 where I'm using to secure my family my friends 00:02:22:44 - 00:02:28:49
2:22 Speaker 1 to do vulnerability
2:23 scan and to be able to get data to do these videos okay. So families,
2:27 friends and they may have companies 00:02:28:49 - 00:02:31:03
2:29 Speaker 1 So I'm able to kind
2:30 of secure that company. 00:02:31:16 - 00:02:47:10
2:31 Speaker 1 But just keep in mind I do work
2:32 full time in doing this. So I can't necessarily do this in a certain way. So doing as a as a
2:37 full time job with the site is just something I'm doing to be able to gather data. Okay,
2:41 so but I do do this at my full time job. So, you know, there's kind of like can't compete
2:45 with your for non-compete clause 00:02:47:10 - 00:02:52:09
2:47 Speaker 1 where I can't be
2:47 like doing my own cyber security on the site, you know, while doing the
2:51 same thing for the company. 00:02:52:23 - 00:03:05:17
2:52 Speaker 1 So but I do have some good data
2:54 on here. That's why I try to get as many machines as possible to get really good rich data here for
2:58 the environment. So let's go ahead and start here. Because everything I do I typically going to start
3:03 with the main menu here. And 00:03:05:17 - 00:03:06:43
3:05 Speaker 1 and this takes you back to this
3:06 00:03:06:43 - 00:03:07:36 Speaker 1
3:06 on the dashboard. 00:03:07:36 - 00:03:11:46
3:07 Speaker 1 And so the dashboard once again this
3:09 has really good information primarily. What 00:03:11:46 - 00:03:17:08
3:11 Speaker 1 a lot of times
3:12 I use on the job is this part right here is being able to look at the 30,
3:16 60, 90 day metrics. 00:03:17:08 - 00:03:22:34
3:17 Speaker 1 So and I'll get
3:18 into this eventually as we go through the series, I'll be able to kind of talk through that and kind
3:21 of give you some insight. 00:03:22:38 - 00:03:29:29
3:22 Speaker 1 But right now I
3:23 just want you to understand what's available. And so also for dashboard, you got lots of different
3:27 dashboards that you can do. So, 00:03:29:29 - 00:03:34:15
3:29 Speaker 1 specifically if you go to all dashboards, this
3:32 is where you can kind of create new dashboards 00:03:34:15 - 00:03:36:22
3:34 Speaker 1 And this
3:35 is really helpful. 00:03:36:22 - 00:03:38:58
3:36 Speaker 1 I'll talk about that a little
3:37 bit later on the dashboard section. 00:03:39:03 - 00:03:53:53
3:39 Speaker 1 Now when it comes to scans, you
3:40 can kind of see I've got some scans set up here. I got the school icon. So I actually did kind
3:44 of create like a one on one program where we can actually like you can get hands on with the tools
3:49 read only though I can't give you full access. But what I did spin up a Google cloud environment.
3:53 00:03:53:55 - 00:03:54:43 Speaker 1
3:54 I was able to 00:03:54:43 - 00:03:57:27
3:54 Speaker 1 and I got machine on there
3:56 with agents and SentinelOne 00:03:57:27 - 00:04:08:27
3:57 Speaker 1 And I asked some
3:58 of my friends to kind of, you know, gave an IP address and said, hey, you know who have
4:02 fun with this. So anyway, so that's what that second scan is. And so then I also got the,
4:07 the daily basic agents. 00:04:08:27 - 00:04:17:15
4:08 Speaker 1 So I'm scanning agents, I'm scanning that work.
4:10 I'm doing host discovery scan. I'm doing odd. It's a shout out to Scotty, who I have on the channel
4:15 at some point would think tank workshop. 00:04:17:15 - 00:04:24:00
4:17 Speaker 1 He's one of the people that came to the
4:18 mentorship program, and he's branched out, and he wanted to do this. This audit infrastructure scan,
4:22 which I hadn't really seen. 00:04:24:05 - 00:04:25:59
4:24 Speaker 1 So I went through
4:24 the process of setting it up, 00:04:25:59 - 00:04:39:17
4:26 Speaker 1 by the cloud infrastructure. That was pretty
4:27 cool. And then host Discovery Man, being able to see like all the internet, like the IoT, you know,
4:32 nothing like your smart light bulbs. You know, my Elgato light right here on my on my station,
4:38 like, you know, Alexa 00:04:39:17 - 00:04:49:56
4:39 Speaker 1 and and Google
4:40 Home and Nest and Ring devices and all that kind of stuff, you know, so basically being
4:44 able to know 100% what I know, because you can't really do security if you don't really know what
4:48 you have on your network. 00:04:49:56 - 00:04:53:53
4:50 Speaker 1 Right? So that being the case and then
4:52 vulnerability intelligence, I don't know. 00:04:53:53 - 00:04:55:31
4:53 Speaker 2 But I found these results on search.
4:55 00:04:55:36 - 00:04:56:30 Speaker 1
4:55 Thank you Google. 00:04:56:30 - 00:04:59:52
4:57 Speaker 1 Hey. All right so that's
4:58 interesting. Always listening right. 00:04:59:52 - 00:05:10:52
4:59 Speaker 1 so here you like
5:00 to search vulnerability database. This is pretty cool because you can actually search
5:04 by CVE. I think that's a really cool feature that they add is something that wasn't there
5:09 before as far as I remember. 00:05:10:52 - 00:05:13:34
5:10 Speaker 1 Then you got your
5:11 exposure exposure research I got 00:05:13:34 - 00:05:16:16
5:13 Speaker 1 I don't I haven't dug
5:15 into this, just to be honest. 00:05:16:16 - 00:05:31:00
5:16 Speaker 1 Like, obviously this
5:17 is something that's that's new. I'm just kind of showing you all this here. And so you could
5:21 do this pose or I suppose your response. I'm really looking forward to playing with this.
5:25 Then you can look at the asset. These are basically all the machines that I currently
5:29 have in here. So I got 46 hosts 00:05:31:10 - 00:05:37:29
5:31 Speaker 1 And so you
5:31 can see I basically some I have names on, some I could like discover to host
5:36 discovery scans and scans. 00:05:37:29 - 00:05:48:48
5:37 Speaker 1 And so what I
5:38 really want to emphasize here is that if you really want to do cybersecurity,
5:41 one of the best things you can do is you take your home, you can take your local things,
5:45 your friends, family, with their permission, okay, be able to get it right into
5:48 00:05:48:52 - 00:05:58:44 Speaker 1
5:49 and and also and then go through the process of setting up this stuff at home because I cannot
5:53 tell you how many times that the stuff I work at home leads to me knowing something at work that
5:57 was just something that was just random. 00:05:58:44 - 00:06:15:25
5:58 Speaker 1 You know, I'm saying like,
5:59 oh yeah, I got this. Yeah, I've seen this. So I really tried it to, I literally well, I mean,
6:04 technology interpreted is a real company. And I had to go through a whole process to
6:08 get Tenable to, you know, just like any other company who sells this stuff. So essentially
6:12 my home is my headquarters, 00:06:15:25 - 00:06:21:23
6:15 Speaker 1 to per se,
6:16 and it's run like an actual physical office business from a cybersecurity perspective,
6:20 if that makes sense. 00:06:21:23 - 00:06:24:37
6:21 Speaker 1 Okay. So finally, this is where
6:23 we go to look at the vulnerabilities 00:06:24:42 - 00:06:27:09
6:24 Speaker 1 And you can see we even
6:25 get called Misconfigurations 00:06:27:09 - 00:06:28:14
6:27 Speaker 1 which
6:27 is cool. 00:06:28:14 - 00:06:30:58
6:28 Speaker 1 But that that's something
6:29 you have to do a scan. And 00:06:30:58 - 00:06:35:05
6:31 Speaker 1 right now I haven't played with that. So that's
6:33 something I hope to, to have some fun with. 00:06:35:10 - 00:06:36:23
6:35 Speaker 1 You can see the
6:35 sensors. 00:06:36:23 - 00:06:49:33
6:36 Speaker 1 This is where we get a chance to deploy the
6:38 different types of sensors. So and I just want to, you know, on that section I really would dig into
6:42 this. But all right now I've got Nessus scanners and this is agent deployed I am you're really
6:47 interested in this setting up my own Nessus, 00:06:49:33 - 00:06:50:57
6:49 Speaker 1 network monitor right there.
6:51 00:06:50:57 - 00:07:02:00 Speaker 1
6:51 So I'm curious, and I'm going to do that at some point in the future, because that one has a really
6:56 good features to be able to scan this stuff as it's coming through your firewall or you basically
7:00 you're duplicating your firewall port. 00:07:02:00 - 00:07:09:28
7:02 Speaker 1 Reports. This is pretty
7:03 much everything I saw. You can create reports, but there's some new features that report, and I
7:07 cannot wait to dig into and tell you all about, 00:07:09:28 - 00:07:11:35
7:09 Speaker 1 including the ability to detect AI,
7:11 00:07:11:35 - 00:07:12:21 Speaker 1
7:11 just on an out there. 00:07:12:21 - 00:07:15:39
7:12 Speaker 1 The AI detection is something
7:13 that Tenable is leaning into. 00:07:15:39 - 00:07:19:57
7:15 Speaker 1 So I really going
7:16 to have some fun. And that's really interesting because I've actually
7:18 used that. I work already 00:07:19:57 - 00:07:23:14
7:20 Speaker 1 has some customers who are who
7:21 are very interested in determining 00:07:23:14 - 00:07:26:29
7:23 Speaker 1 if their employees are using AI
7:24 in the environment. And of course, 00:07:26:29 - 00:07:31:22
7:26 Speaker 1 we've had some
7:27 other creative things we did, but then we realized, did that and we were able
7:30 to kind of do detect 00:07:31:22 - 00:07:33:07
7:31 Speaker 1 different things,
7:32 including like Grammarly. 00:07:33:07 - 00:07:40:19
7:33 Speaker 1 Right? Most people
7:33 don't even think of Grammarly as AI, but it gets detected as I am a large language
7:39 model, so I love them. So, 00:07:40:24 - 00:07:41:53
7:40 Speaker 1 we also got
7:41 remediation, 00:07:41:53 - 00:07:49:04
7:41 Speaker 1 talked about this in
7:42 some of our previous video, but basically you can kind of create projects to to really focus in on
7:48 what you're going to be doing 00:07:49:04 - 00:07:50:26
7:49 Speaker 1 with remediation.
7:50 00:07:50:31 - 00:07:54:43 Speaker 1
7:50 This is a good thing, especially if you're like, if you're a person
7:53 in an organization, 00:07:54:43 - 00:08:02:28
7:54 Speaker 1 not necessarily like if
7:56 you're securing multiple organizations, but if you were like working for one organization, creators
8:00 remediation projects is really, really cool. 00:08:02:28 - 00:08:04:02
8:02 Speaker 1 I'm trying to
8:03 think of a way to 00:08:04:02 - 00:08:05:43
8:04 Speaker 1 be able to use this at scale because,
8:05 00:08:05:43 - 00:08:06:25 Speaker 1
8:05 it was my job. 00:08:06:26 - 00:08:14:07
8:06 Speaker 1 I secure multiple companies, you know,
8:08 so so I would have, like, this would be a lot to manage. And the thing is, when you're just like
8:12 when you're looking at multiple companies 00:08:14:07 - 00:08:22:28
8:14 Speaker 1 being having to log into every Tenable
8:16 tenant for every Tenable company is not really that efficient. So you have to think about you
8:20 have to I had to be able to do things at scale. 00:08:22:28 - 00:08:24:15
8:22 Speaker 1 So this is where RPA, APIs
8:24 00:08:24:15 - 00:08:25:03 Speaker 1
8:24 come into play. 00:08:25:03 - 00:08:28:57
8:25 Speaker 1 And then the settings, this is where
8:26 you get into like the general like 00:08:28:57 - 00:08:32:31
8:29 Speaker 1 basically the general configuration
8:31 of ten or more set up a table. 00:08:32:31 - 00:08:39:24
8:32 Speaker 1 And so the things you got here,
8:34 for example, you got SAML right here where you can configure single sign on, you got your license,
8:38 you can check your license. 00:08:39:24 - 00:08:43:42
8:39 Speaker 1 This access control is where I go through and
8:41 create accounts. So say for instance with the 00:08:43:42 - 00:09:02:28
8:43 Speaker 1 with the school.com
8:45 for the people who are in the cyber security mentorship program when they log in, I don't
8:48 want them seeing everything in my environment. I just want them to see the machines that I have
8:52 in school.com. So it gives them an ability to log in with a read only account and they
8:57 can kind of see that machine that I have in the cloud or stuff like that, and see the
9:01 vulnerabilities that exist on that. 00:09:02:28 - 00:09:05:48
9:02 Speaker 1 So we can actually walk through and I'll walk
9:04 in through remediating those vulnerabilities 00:09:05:48 - 00:09:15:16
9:06 Speaker 1 So that's what the that, that the
9:08 access control section is activity logs. So we can see what happens. And you really want every tool
9:13 involved. Not every tool doesn't have this. 00:09:15:16 - 00:09:22:54
9:15 Speaker 1 But there needs to be some kind of log that
9:17 tells you what's happening in the environment, logs events taking place in your organization
9:21 instead of a vulnerability management account. 00:09:22:54 - 00:09:23:41
9:23 Speaker 1 You need to know that
9:23 00:09:23:41 - 00:09:33:05 Speaker 1
9:24 because different things like for example, if as an administrator, I may have other administrators
9:28 in my organization, and what if they log in and what if they, like, start messing around
9:31 and doing things that various 00:09:33:05 - 00:09:38:47
9:32 Speaker 1 you need to be able
9:33 to see and understand that happens. Language of you, management, language settings, exports.
9:38 00:09:38:47 - 00:09:39:55 Speaker 1
9:38 You see, as far as 00:09:39:55 - 00:09:43:16
9:39 Speaker 1 things that are major here,
9:41 like dashboards and exports, that's cool. 00:09:43:21 - 00:09:51:54
9:43 Speaker 1 You can view the export activity and manage
9:45 schedule for. So basically if you have report to them for things that are being exported from the
9:50 the light from the central console, you can 00:09:51:54 - 00:09:52:40
9:52 Speaker 1 schedule those
9:52 00:09:52:40 - 00:09:59:51 Speaker 1
9:53 requests. And this is really important when recasting and tagging are really,
9:56 really going to dig into these because these become my favorite
9:58 friends right here. 00:09:59:56 - 00:10:08:03
9:59 Speaker 1 If there's a vulnerability that that
10:01 a company can't address, then you want to recast it, which means that they're going to accept the
10:06 risk for a certain period of time. 00:10:08:03 - 00:10:10:21
10:08 Speaker 1 Recasting also allows
10:09 you to be able to adjust the,