Key Enhancements to Tenable Cloud and Application Security Portfolio Deliver Holistic Visibility into Cyber Exposure

Enhancements are designed to enable the end-to-end DevOps process

COLUMBIA, Md., London, UK  (June 5, 2018)  — Tenable®, Inc., the Cyber Exposure company, announced a series of new product and ecosystem enhancements to®, its cloud-based Cyber Exposure platform, to help security teams discover, assess and manage cybersecurity risks across highly dynamic cloud environments. These enterprise-ready cloud enhancements are the first ever to deliver a unified view of Cyber Exposure from web applications to containers to cloud infrastructure, accelerating the adoption of DevOps practices while reducing risk.

Public clouds enable organizations to use infrastructure as code – meaning that the various building blocks they offer, such as storage services, virtual machines, containers and the underlying network itself, can all be modified via calls to the public cloud APIs.

Cloud computing has afforded organizations enormous speed and agility advantages and has driven the emergence of DevOps practices — which allow new application features to be deployed on a daily or even hourly basis. Yet for all of their advantages, cloud computing and DevOps introduce new complexities for security teams, including rapid-fire changes to production environments alongside short-lived and even server-less assets that create security blind spots. This leads to reduced visibility into the infrastructure itself and more often than not, to unmanaged cyber risk.

Organizations require both comprehensive security approaches and visibility into assets, vulnerabilities and exposures. Tenable’s new product and ecosystem enhancements deliver a unified view into Cyber Exposure across traditional IT and heterogeneous cloud platforms and enable security to be built into the entire software development lifecycle, from build to production. New platform and cloud ecosystem enhancements include:

  • Microsoft Azure and Google Cloud Platform (GCP) Cloud Connectors: Automatically and continuously discover and track asset changes in Azure and GCP cloud environments to ensure all cloud workloads are known and assessed for vulnerabilities. The Cloud Connectors for Azure and GCP complement the existing Cloud Connector for Amazon Web Services (AWS) to provide a unified view of cybersecurity risks across the top three most widely deployed public cloud (IaaS) platforms.
  • Container Runtime Scanning: Gain visibility into the Cyber Exposure of containers running in production. Container Security automatically identifies new containers in production, as well as changes to running containers, so they can be assessed for vulnerabilities. This complements existing capabilities for security testing of container images during the build process and identification of Docker hosts running in production. Together, Container Security and Vulnerability Management seamlessly integrate security into the end-to-end DevOps process, while providing a consistent view of data and unified customer experience.
  • Web Application Discovery: Identify web applications owned and deployed across an organization, including previously unknown applications, to understand the Cyber Exposure throughout an organization’s web application estate. Until now, security teams had to specify which web applications to scan by knowing the target URLs. Web application discovery solves a critical visibility challenge because the number of web applications deployed is often much higher than what the security team is aware of, creating a significant blind spot and increasing cyber risk.
  • Cloud Security Alliance: Tenable is a corporate member of the Cloud Security Alliance (CSA) and has completed a CSA STAR (Security, Trust & Assurance Registry) self-assessment for CSA STAR is the industry’s most powerful program for security assurance in the cloud.

“Widespread cloud adoption is leaving critical blind spots for security teams or forcing them to adopt point tools and later attempt to cobble together a complete picture of their environment,” said Dave Cole, chief product officer, Tenable. “This is far too much work and the antithesis of moving at cloud or DevOps speed. We want to make it fast and incredibly easy for our customers to manage the complete spectrum of modern risk and we believe that means taking new challenges head-on in”

Additional resources:

The Azure and GCP Cloud Connectors and container runtime scanning will be generally available within 60 days.  Web application discovery will be generally available in 2H 2018.  The Cloud Connectors are included at no extra cost with Vulnerability Management.  Container runtime scanning is included with Container Security.  Web application discovery is included with Web Application Scanning.

Related Articles