Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies Sponsored Posts etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites. Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. A very few articles on our website are sponsored posts or paid advertorials. These are marked as sponsored posts at the bottom of each post. For avoidance of any doubts and to make it easier for you to differentiate sponsored or non-sponsored articles or links, you may consider all articles on our site or all links to external websites as sponsored . Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Key Enhancements to Tenable Cloud and Application Security Portfolio Deliver Holistic Visibility into Cyber Exposure

Enhancements are designed to enable the end-to-end DevOps process

COLUMBIA, Md., London, UK  (June 5, 2018)  — Tenable®, Inc., the Cyber Exposure company, announced a series of new product and ecosystem enhancements to Tenable.io®, its cloud-based Cyber Exposure platform, to help security teams discover, assess and manage cybersecurity risks across highly dynamic cloud environments. These enterprise-ready cloud enhancements are the first ever to deliver a unified view of Cyber Exposure from web applications to containers to cloud infrastructure, accelerating the adoption of DevOps practices while reducing risk.

Public clouds enable organizations to use infrastructure as code – meaning that the various building blocks they offer, such as storage services, virtual machines, containers and the underlying network itself, can all be modified via calls to the public cloud APIs.

Cloud computing has afforded organizations enormous speed and agility advantages and has driven the emergence of DevOps practices — which allow new application features to be deployed on a daily or even hourly basis. Yet for all of their advantages, cloud computing and DevOps introduce new complexities for security teams, including rapid-fire changes to production environments alongside short-lived and even server-less assets that create security blind spots. This leads to reduced visibility into the infrastructure itself and more often than not, to unmanaged cyber risk.

Organizations require both comprehensive security approaches and visibility into assets, vulnerabilities and exposures. Tenable’s new product and ecosystem enhancements deliver a unified view into Cyber Exposure across traditional IT and heterogeneous cloud platforms and enable security to be built into the entire software development lifecycle, from build to production. New Tenable.io platform and cloud ecosystem enhancements include:

  • Microsoft Azure and Google Cloud Platform (GCP) Cloud Connectors: Automatically and continuously discover and track asset changes in Azure and GCP cloud environments to ensure all cloud workloads are known and assessed for vulnerabilities. The Tenable.io Cloud Connectors for Azure and GCP complement the existing Cloud Connector for Amazon Web Services (AWS) to provide a unified view of cybersecurity risks across the top three most widely deployed public cloud (IaaS) platforms.
  • Container Runtime Scanning: Gain visibility into the Cyber Exposure of containers running in production. Tenable.io Container Security automatically identifies new containers in production, as well as changes to running containers, so they can be assessed for vulnerabilities. This complements existing capabilities for security testing of container images during the build process and identification of Docker hosts running in production. Together, Tenable.io Container Security and Tenable.io Vulnerability Management seamlessly integrate security into the end-to-end DevOps process, while providing a consistent view of data and unified customer experience.
  • Web Application Discovery: Identify web applications owned and deployed across an organization, including previously unknown applications, to understand the Cyber Exposure throughout an organization’s web application estate. Until now, security teams had to specify which web applications to scan by knowing the target URLs. Web application discovery solves a critical visibility challenge because the number of web applications deployed is often much higher than what the security team is aware of, creating a significant blind spot and increasing cyber risk.
  • Cloud Security Alliance: Tenable is a corporate member of the Cloud Security Alliance (CSA) and has completed a CSA STAR (Security, Trust & Assurance Registry) self-assessment for Tenable.io. CSA STAR is the industry’s most powerful program for security assurance in the cloud.

“Widespread cloud adoption is leaving critical blind spots for security teams or forcing them to adopt point tools and later attempt to cobble together a complete picture of their environment,” said Dave Cole, chief product officer, Tenable. “This is far too much work and the antithesis of moving at cloud or DevOps speed. We want to make it fast and incredibly easy for our customers to manage the complete spectrum of modern risk and we believe that means taking new challenges head-on in Tenable.io.”

Additional resources:

The Azure and GCP Cloud Connectors and container runtime scanning will be generally available within 60 days.  Web application discovery will be generally available in 2H 2018.  The Cloud Connectors are included at no extra cost with Tenable.io Vulnerability Management.  Container runtime scanning is included with Tenable.io Container Security.  Web application discovery is included with Tenable.io Web Application Scanning.