Tenable, a cyber exposure management company, announces today transformational additions to Tenable Cloud Security that represent the industry’s next step in assessing threats related to cloud vulnerabilities and misconfigurations.
With the introduction of Tenable Cloud Security Agentless Assessment paired with Tenable Cloud Security Live Results, Tenable helps organizations remediate vulnerabilities faster and prevent threats like zero-days from being exploited.
The window between when a vulnerability is discovered and when it is exploited is shrinking. Attackers typically scan for vulnerabilities within 15 minutes of common vulnerabilities and exposures (CVE) being announced. Organizations need to act quickly and determine if critical assets are at risk.
Tenable Agentless Assessment unifies cloud security posture management (CSPM) and vulnerability management into a single solution, so security teams gain continuous visibility into the state of their cloud assets. It provides significant speed, cost and scale improvements over the first generation of cloud-native security solutions.
Tenable Agentless Assessment is 100 percent agentless and API-based, enabling cloud security teams to use the power of Nessus for vulnerability assessments without the need to install scanners or agents, configure credentials on target hosts or set up scan policies. Using a proprietary approach, it enables users to onboard their cloud accounts within minutes and scans all assets for software and misconfiguration vulnerabilities without any impact on computing speed or costs.
Tenable Live Results inspects collected data, looking for matches to updates in the Tenable Research Vulnerability and Threat Library feed, which helps cloud security teams and developers identify security weaknesses and prevent risky deployments before they happen.
When a vulnerability is published to the threat library, Tenable Live Results enables security teams to see if a vulnerability exists in their asset inventory, without needing to execute a new scan. Near real-time detection reduces mean time to remediate (MTTR), helping to block zero-day vulnerabilities faster. The solution gives customers easy-to-deploy exposure management with drift detection for cloud resources, along with multi-cloud discovery and governance to support security and compliance.
Key new capabilities launched in the Tenable Cloud Security solution include:
- Cloud Security Agentless Assessment – 100 percent agentless, API-driven run-time scanning for cloud workloads, providing a unified view of organizations’ cloud environments at scale without increasing cloud computing costs. Data are collected using a proprietary API to build an inventory manifest from cloud instance storage volumes without having to mount a snapshot.
- Cloud Security Live Results – Cloud Detection and Response (CDR) capabilities, taking the data collected and assessing them against the Tenable Research Vulnerability & Threat Library.
- Reporting and Policy Workflow Enhancements – New compliance and benchmark reports help teams adhere to security and compliance standards with access to more than 1,400 pre-built policies that address more than 20 compliance standards helping reduce the effort required to report on cloud security posture.
- Advanced DevOps Integrations and Infrastructure as Code (IAC) Security – Added support for HashiCorp Terraform Cloud Run Tasks, source code management and Jira enhancements help teams address security flaws early in the cloud delivery process, by scanning and remediating infrastructure as code and integrating into existing cloud team workflows.
To learn more about Tenable Cloud Security, watch a demo or register for a free trial, visit: https://www.tenable.com/products/tenable-cs
