Nessus’ malicious process detection enhances an organization’s AV strategy by red-flagging threats which often slip through the cracks, including malware specifically designed to avoid and target corporate AV solutions.
This new feature, which is available immediately for Nessus, Perimeter Service, and SecurityCenter customers, extends Tenable’s ability to help organizations fight malware and APTs including:
- Identification of infected systems by leveraging the power of dozens of industry-leading antivirus engines
- Identification of botnet infections, systems connected to known botnets, and websites hosting malicious content associated with botnet propagation
- Auditing an organization’s antivirus agent for vulnerabilities, out-of-date signature rules, and misconfigurations.
Nessus uses multiple methods to detect malware by scanning networks for evidence of infection — including known Trojans, APTs, and backdoors — and with this plugin, by comparing cryptographic hashes against a database of known malicious hashes. Leveraging technology from ReversingLabs, the expansive database of malicious hashes integrates intelligence from a wide variety of AV vendors, effectively enabling Nessus users to scan running processes with 25 AV solutions at once.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.