On Sept. 24, the world learned about Shellshock, a major security vulnerability in the ubiquitous Bash Unix shell. Less than 24 hours after the news broke, Tenable Network Security®, Inc., the leader in continuous network monitoring, announced the release of a robust set of detection plugins and a new Shellshock policy wizard for its Nessus® vulnerability scanner, the global standard in detecting and assessing network data. These upgrades were followed closely by a special Shellshock dashboard for SecurityCenter Continuous View™, which allows for the most comprehensive and integrated view of network health.
“Protecting your business from something like Shellshock means staying ahead of the people who mean you harm,” said Ron Gula, CEO at Tenable. “From the first news of the vulnerability, Tenable was working hard to ensure that our customers had up-to-date and actionable information about Shellshock in their networks.”
Shellshock comes only months after the discovery of Heartbleed, a massive vulnerability in the Internet’s cryptography protocol, OpenSSL. While the long-term impact of Shellshock remains undetermined, Gula believes it surpasses Heartbleed in severity due in part to detection difficulty.
“Heartbleed was relatively easy to detect,” said Gula. “Shellshock, on the other hand, is harder to detect because you have to check every possible attack vector, which means having the proper configuration and auditing every single one of your network assets.”
“Widespread vulnerabilities such as Heartbleed and Shellshock have a tendency to reappear in your environment,” said Paul Asadoorian, product marketing manager at Tenable. “Determining where and how your business is vulnerable to Shellshock requires verifying that the patch was properly installed on the system, which is something Nessus and SecurityCenter CV do quite well.”
The discovery of security holes in two of the world’s most widely adopted open source programs highlights what may be yet to come.
“We are in a situation where many of these decades-old open source programs have become industry standards and provide the underpinning for the Internet as we know it. We must do more as an industry to audit and secure these key elements of our digital infrastructure,” said Gula.
To ensure that their systems are safe, existing Tenable customers should download the Nessus Shellshock plugins by visiting the Nessus Newest Plugins page. SecurityCenter users should also take advantage of the Shellshock dashboard to identify affected subnets, key indicators of compromise, and vulnerable systems by operating system and type. Those who want to learn more about how Tenable’s Nessus Policy Wizard identifies the Shellshock vulnerability can visit the Nessus Discussions forum.