Tenable Network Security released on Tuesday 32 plugins to allow its free--but no longer open-source--Nessus vulnerability scanner the ability to search for flaws in common supervisory control and data acquisition (SCADA) systems.
The plugins allow systems administrators to scan the computer systems that run critical infrastructure, such as power networks and water-treatment facilities, for vulnerabilities. The updates, which can be used with Nessus 3, are the fruit of a four-month partnership between Tenable and infrastructure security firm Digital Bond.
"This is just the tip of the iceberg on what is possible," Dale Peterson, CEO of Digital Bond, said in a blog post.
While the United States has focused on securing SCADA systems, manufacturers of the systems are not practiced in handling flaw disclosure and mitigating vulnerabilities. When Digital Bond outed a significant vulnerability earlier this year, the disclosure irked SCADA system vendors.
The plugins for Nessus could help infrastructure companies and manufacturers test systems for vulnerabilities before accepting the equipment and maintain the security of their current systems.
Posted by: Robert Lemos