Tenable makes additions to Cloud Security portfolio
Tenable has announced additions to Tenable Cloud Security that represent the next step in assessing threats related to cloud vulnerabilities and misconfigurations.
With the introduction of Tenable Cloud Security Agentless Assessment paired with Tenable Cloud Security Live Results, Tenable aims to help organisations not only remediate vulnerabilities faster but also prevent threats like zero-days from being exploited, the company states.
The window between when a vulnerability is discovered and when it is exploited continues to shrink. Attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced. Organisations need to be able to act quickly and determine if any critical assets are at risk, Tenable states.
Tenable Agentless Assessment unifies Cloud Security Posture Management (CSPM) and vulnerability management into a single solution, so security teams gain continuous visibility into the state of their cloud assets. It provides speed, cost and scale improvements over the first generation of cloud native security solutions, the company states.
Tenable Agentless Assessment is 100% agentless and API-based, enabling cloud security teams to use the power of Nessus for vulnerability assessments without the need to install scanners or agents, configure credentials on target hosts or set up scan policies.
Using a proprietary approach, it enables users to onboard their cloud accounts within minutes and scan all assets for software and misconfiguration vulnerabilities without any impact on compute speed or costs, Tenable states.
Tenable Live Results continuously inspects collected data, looking for matches to updates in the Tenable Research Vulnerability and Threat Library feed, helping cloud security teams and developers quickly identify security weaknesses and prevent risky deployments before they happen.
When a new vulnerability is published to the threat library, Tenable Live Results enables security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan. Near real-time detection reduces mean time to remediate (MTTR), helping to block zero-day vulnerabilities faster.
The solution gives customers exposure management with drift detection for cloud resources, along with multi-cloud discovery and governance to support security and compliance, the company states.
Key new capabilities launched today in the Tenable Cloud Security solution include:
Cloud security agentless assessment: Agentless, API-driven run-time scanning for cloud workloads, providing a unified view of organisations' cloud environments at scale without increasing cloud computing costs. Data is collected using a proprietary API to build an inventory manifest from cloud instance storage volumes without having to mount a snapshot.
Cloud security live results: Cloud Detection and Response (CDR) capabilities, taking the data collected and continuously assessing it against the Tenable Research Vulnerability and Threat Library. When a new vulnerability, including zero-day attacks, is published to the threat library, Live Results allows security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan.
Reporting and policy workflow enhancements: New compliance and benchmark reports help teams adhere to security and compliance standards with access to over 1,400 pre-built policies that address more than 20 compliance standards - such as SOC2, HIPAA, and CIS benchmarks - helping reduce the effort required to report on cloud security posture.
Advanced DevOps integrations and infrastructure as code (IAC) security: Added support for HashiCorp Terraform Cloud Run Tasks, source code management and Jira enhancements helps teams address security flaws early in the cloud delivery process, by scanning and remediating infrastructure as code and integrating into existing cloud team workflows.
Glen Pendley, CTO Tenable, says, "Tenable Agentless Assessment represents a monumental step forward in cloud vulnerability scanning technology. As the period from vulnerability disclosure to exploitation shrinks, cybersecurity teams have even less time to respond.
"Tenable Cloud Security is an Easy Button that takes the time-consuming manual labour out of the equation, proactively detecting and assessing vulnerabilities in near real time. This enhanced visibility and continuous assessment on a single platform enables customers to improve risk prioritisation and zero in on remediating the vulnerabilities that matter most."
The Tenable Cyber Exposure Management platform provides unified vulnerability management across cloud and non-cloud assets.
New Tenable Cloud Security solution capabilities, including prioritised results for containers, are scheduled to be generally available for Amazon Web Services in the third quarter of 2022. Support for Microsoft Azure and GCP is expected by the end of 2022.