Tenable®, the Cyber Exposure Management company, announced transformative Tenable Cloud Security enhancements that represent the industry’s next step in assessing threats related to cloud vulnerabilities and misconfigurations. Tenable is assisting organizations in not only remediating vulnerabilities faster but also preventing threats such as zero-day exploits with the introduction of Tenable Cloud Security Agentless Assessment and Tenable Cloud Security Live Results.
“Tenable Agentless Assessment represents a monumental step forward in cloud vulnerability scanning technology,” said Glen Pendley, CTO, Tenable. “As the period from vulnerability disclosure to exploitation shrinks, cybersecurity teams have even less time to respond. Tenable Cloud Security is an Easy Button that takes the time-consuming manual labor out of the equation, proactively detecting and assessing vulnerabilities in near real time. This enhanced visibility and continuous assessment on a single platform enables customers to improve risk prioritization and zero in on remediating the vulnerabilities that matter most.”
The time between when a vulnerability is discovered and when it is exploited is getting shorter. Within 15 minutes of a CVE being announced, attackers typically begin scanning for vulnerabilities. Organizations must be able to act quickly and determine whether any critical assets are in jeopardy. Tenable Agentless Assessment combines Cloud Security Posture Management (CSPM) and vulnerability management into a single solution, giving security teams real-time visibility into the health of their cloud assets. It outperforms the first generation of cloud native security solutions in terms of speed, cost, and scale.
Tenable Agentless Assessment is completely agentless and API-based, allowing cloud security teams to leverage the power of Nessus® for vulnerability assessments without installing scanners or agents, configuring credentials on target hosts, or configuring scan policies. It uses a proprietary approach that allows users to onboard their cloud accounts in minutes and scan all assets for software and misconfiguration vulnerabilities without affecting compute speed or costs. Tenable Live Results continuously inspects collected data for matches to updates in the Tenable Research Vulnerability and Threat Library feed, assisting cloud security teams and developers in quickly identifying security flaws and preventing risky deployments from occurring.
Tenable Live Results allows security teams to see if a vulnerability exists in their current asset inventory when a new vulnerability is published to the threat library, without having to run a new scan. Near real-time detection reduces mean time to remediate (MTTR), allowing for faster detection of zero-day vulnerabilities. Customers can use the solution to support security and compliance by providing easy-to-deploy exposure management with drift detection for cloud resources, as well as multi-cloud discovery and governance.
Key new capabilities launched today in the Tenable Cloud Security solution include:
- Cloud Security Agentless Assessment – 100% agentless, API-driven run-time scanning for cloud workloads, providing a unified view of organizations’ cloud environments at scale without increasing cloud computing costs. Data is collected using a proprietary API to build an inventory manifest from cloud instance storage volumes without having to mount a snapshot.
- Cloud Security Live Results – Cloud Detection and Response (CDR) capabilities, taking the data collected and continuously assessing it against the Tenable Research Vulnerability & Threat Library. When a new vulnerability is published, including zero-day attacks, to the threat library, Live Results allows security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan.
- Reporting and Policy Workflow Enhancements – new compliance and benchmark reports help teams adhere to security and compliance standards with access to over 1,400 pre-built policies that address more than 20 compliance standards – such as SOC2, HIPAA, and CIS benchmarks – helping reduce the effort required to report on cloud security posture.
- Advanced DevOps Integrations and Infrastructure as Code (IAC) Security – added support for HashiCorp Terraform Cloud Run Tasks, source code management and Jira enhancements helps teams address security flaws early in the cloud delivery process, by scanning and remediating infrastructure as code and integrating into existing cloud team workflows.