Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Scott Caveza

Senior Manager, Research

Profile picture for user Scott Caveza

Scott joined Tenable in 2012 as a Research Engineer on the Nessus Plugins team. Over the years, he has written hundreds of plugins for Nessus, and reviewed code for even more from his time being a team lead and manager of the Plugins team. Scott now manages the Security Response team, helping lead the efforts for the research organization to respond to the latest threats. In addition, Scott also leads the Zero Day Research team, focused on finding and reporting vulnerabilities in a variety of software and devices, helping to secure the ecosystem. He has over a decade of experience in the industry with previous work in the Security Operations Center (SOC) for a major domain registrar and web hosting provider. Scott is a current CISSP and actively maintains his GIAC GWAPT Web Application Penetration Tester certification.

Interests outside of work: Scott enjoys spending time with his family, camping, fishing and being outdoors. He also enjoys finding ways to break web applications and home renovation projects.

Blog Post

CVE-2022-22972: VMware Patches Additional Workspace ONE Access Vulnerabilities (VMSA-2022-0014)

Wednesday, May 18, 2022

Organizations and government agencies are strongly advised to patch two newly disclosed vulnerabilities in VMware products, following warnings from VMware and the Cybersecurity and Infrastructure Security Agency.

Blog Post

NUCLEUS:13: 13 Vulnerabilities Found in Siemens Nucleus TCP/IP Stack

Wednesday, November 10, 2021

Thirteen new vulnerabilities have been discovered in the Nucleus TCP/IP stack used in potentially billions of devices.

Blog Post

Oracle April 2021 Critical Patch Update Addresses 257 CVEs including ‘Zerologon’ (CVE-2020-1472)

Wednesday, April 21, 2021

Oracle addresses over 250 CVEs in its second quarterly update of 2021 with 390 patches, including 34 critical updates.

Blog Post

DNSpooq: Seven Vulnerabilities Identified in dnsmasq

Wednesday, January 20, 2021

Researchers identify seven vulnerabilities in popular Domain Name System software.

Blog Post

CVE-2020-16846, CVE-2020-25592: Critical Vulnerabilities in Salt Framework Disclosed

Wednesday, November 4, 2020

SaltStack recommends immediate patching after their disclosure of three new vulnerabilities, two of which are rated critical and can be remotely exploited without authentication.

Blog Post

Ripple20: More Vulnerable Devices Discovered, Including New Vendors

Tuesday, August 4, 2020

A partnership between Tenable and JSOF continues to uncover additional devices vulnerable to Ripple20. Update September 9, 2020: The Affected Vendors section has been updated based on feedback from vendors.

Blog Post

CVE-2020-3952: Sensitive Information Disclosure in VMware vCenter Server (VMSA-2020-0006)

Friday, April 10, 2020

VMware patches a critical information disclosure flaw in vCenter Server with a CVSSv3 score of 10.0. Background On April 9, VMware published VMSA-2020-0006, a security advisory for a critical vulnerability in vCenter Server that received the maximum CVSSv3 score of 10.0.

Blog Post

Microsoft's November 2019 Patch Tuesday: Tenable Roundup

Tuesday, November 12, 2019

With over 70 CVEs, Microsoft’s November 2019 Patch Tuesday corrects 13 critical vulnerabilities, including a patch for an Internet Explorer vulnerability exploited in the wild.

Blog Post

Microsoft's October 2019 Patch Tuesday: Tenable Roundup

Tuesday, October 8, 2019

Administrators rejoice: only nine of the 59 vulnerabilities in Microsoft's October 2019 Security Update are rated critical.

Blog Post

CVE-2019-16928: Critical Buffer Overflow Flaw in Exim is Remotely Exploitable

Monday, September 30, 2019

CVE-2019-16928, a critical heap-based buffer overflow vulnerability in Exim email servers, could allow remote attackers to crash Exim or potentially execute arbitrary code.

Try for Free Buy Now
tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today.

NEW - Nessus Expert Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Professional Trial.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller | Request a Quote
Try for Free Buy Now
Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try for Free Contact Sales

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try for Free Contact Sales

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now. To learn more about the trial process click here.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try for Free Buy Now

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training

Buy Now
Renew an existing license | Find a reseller | Request a quote