Tenable unveils secure cloud platform
Tenable Network Security today made available the first cloud-based vulnerability management platform to secure the full range of assets in the modern elastic IT environment, Tenable.io.
According to a recent Gartner report, “organisations with large or growing cloud, virtualisation and DevOps deployments must select a [vulnerability assessment] solution with these asset demographics in mind, and must consider a vendor’s current and future commitment to these technologies.” [Gartner source: 'Market Guide for Vulnerability Assessment' by Oliver Rochford and Prateek Bhajanka, published Dec. 5 2016]
The challenge for most organisations is that virtualisation, cloud, and the accelerating use of web applications and short-lived assets like containers has changed how and when they need to assess vulnerabilities.
“Networks, assets and threats have all changed dramatically over the last few years, but vulnerability management hasn’t kept up,” said Amit Yoran, CEO, Tenable Network Security. “This innovation gap has left organisations everywhere struggling to answer the most basic question in security: what is my vulnerability and risk exposure? Tenable.io represents a new, more strategic approach to vulnerability management for today’s elastic attack surface, with the capabilities and flexibility organizations need to understand and improve their cybersecurity risk posture.”
Tenable.io delivers the broadest coverage of any vulnerability management solution for unparalleled visibility into the security status of modern IT infrastructure. Unique auditing and assessment capabilities help customers identify and remediate vulnerabilities across more technologies, including containers, web applications and cloud instances. It is also the first major vulnerability management solution licensed by assets instead of IP addresses.
Tenable also announced today immediate plans to extend Tenable.io capabilities in early 2017 with two new products. These application security offerings address the increased exposure from DevOps-led container adoption and the explosion of web applications:
Tenable.io Container Security: Based on the company’s acquisition last October of San Francisco-based FlawCheck, Tenable.io Container Security (available April 2017) continuously monitors container images for vulnerabilities, malware, and enterprise policy compliance. By bringing security into the container build process up-front, organizations can gain visibility into the hidden risks in containers and remediate them before they reach production, without slowing innovation cycles.
Tenable.io Web Application Scanning: Safely scan web applications to identify and manage application vulnerabilities in a single integrated platform, alongside other network vulnerabilities and container flaws.
In coming quarters, Tenable.io will continue introducing capabilities that advance vulnerability management toward the strategic and integrated model of threat and vulnerability management (TVM), building on the platform’s unique asset coverage, openness, comprehensive vulnerability data, and licensing model.