Tenable®, the Cyber Exposure company, has announced the addition of Nessus® Expert to its trusted vulnerability assessment solution portfolio. The Nessus Expert is designed to provide extended external capabilities and expanded visibility into cloud native environments to security consultants, pen testers, and security practitioner.
“Nessus is the gold standard for vulnerability assessment. We’ve enhanced capabilities to address cloud instances that are constantly updating and connecting to various sources. We’re upping the ante with Nessus Expert,” said Glen Pendley, chief technology officer, Tenable. “Nessus Expert delivers modern vulnerability assessment capabilities that cover everything from internal and external assets to code and cloud configurations before anything is ever deployed. This is a game changer for both assessing DevSecOps and infrastructure security.”
External assets and cloud configurations are two of the most significant cyber risks confronting organizations today. Most businesses do not keep good track of their external footprint, which cybercriminals and other threat actors can easily exploit. External Attack Surface Management (EASM) eliminates such blind spots by monitoring all external assets across the enterprise for discovery, attribution, and change detection.
At the same time, while organizations are leveraging public clouds, cloud security solutions are frequently deployed too late in the development cycle. The best way for organizations to get the most out of the cloud is to start with infrastructure as code (IAC) security, catching misconfigurations and software vulnerabilities before anything is deployed.
Nessus Expert is the first product to address both of these pain points, building on the Nessus brand’s reputation as the industry’s most recognized and widely deployed vulnerability assessment solution. Nessus Expert takes a smarter and more straightforward approach to DevSecOps, allowing users to gain an understanding of an organization’s external attack surface that could be exposed to threat actors and to assess infrastructure as code (IaC) for vulnerabilities before runtime.
Following the incorporation of Bit Discovery and Terrascan technologies earlier this year, Nessus Expert now includes external attack surface discovery and IaC security analysis, giving pen testers, consultants, SMBs, and developers a distinct competitive advantage with their expanded risk assessment capabilities.
Key New Capabilities
Nessus Expert offers the following features in addition to everything offered in Nessus Professional:
● External Attack Surface Discovery – to discover internet-facing assets in domains and subdomains associated with an organization
● Infrastructure as Code Scanning – to establish guardrails in automated GitOps and CI/CD processes that ensure secure deployments with minimal effort with up to 500 pre-built policies.
Security consultants and audit functions benefit from Nessus Expert and Nessus Professional. Tenable also provides enterprise-wide vulnerability and cyber risk management, such as cloud security, Active Directory security, and external attack surface management.