Table of Contents
MODERN VULNERABILITY MANAGEMENT
The IT landscape is changing, and your security strategy needs to change along with it. IT environments today are filled with traditional and modern, dynamic assets. Beyond physical servers, organizations are embracing virtual and cloud assets, which can be deployed quickly as needed, on demand.
These elastic assets, including mobile devices and containers, come and go from networks in an instant. Traditional quarterly, monthly or even weekly vulnerability scanning is no longer enough to provide the visibility and security needed as part of a Cyber Exposure program. Organizations need a modern, comprehensive strategy to quickly and accurately identify vulnerabilities and misconfigurations in their dynamic infrastructures, that delivers clear guidance and recommendations on how to prioritize and remediate any exposures to risk. Tenable.io™ helps solve today’s toughest vulnerability management challenges.
Using an advanced asset identification algorithm, Tenable.io provides the most accurate information about dynamic assets and vulnerabilities in ever-changing environments. As a cloud-delivered solution, its intuitive dashboard visualizations, comprehensive risk-based prioritization, and seamless integration with third-party solutions help security teams maximize efficiency and scale for greater productivity. When visibility and insight matter most, Tenable.io helps you focus on the right action every time.
- Eliminate Blind Spots Provides 32% greater vulnerability coverage than competitors, with more than 109,000 plugins across both applications and operating systems.
- Boost Productivity Take advantage of the SaaS-based solution to run your initial assessments in less than 5 minutes without the IT hardware or maintenance burden.
- Prioritize Cyber Risks Reduce the number of vulnerabilities requiring immediate attention by up to 97% with Predictive Prioritization.
- Automate Processes Leverage a fully documented API and pre-built integrations to import third-party data, automate scans, and share data with your IT systems.
- Maximize ROI Eliminate double- or triple-counting of assets that have multiple IP addresses with the industry’s first asset-based licensing model.
For more information, Tenable License
By purchasing Tenable.io you can benefit from following features:
- Customer-Friendly Elastic Asset Licensing: Tenable.io License offers a first-to-market asset-based licensing model that consumes just a single license unit per asset, even if the asset has multiple IP addresses. The solution’s elastic model also continues to permit scanning when license counts are temporarily exceeded and automatically recovers licenses for rarely scanned assets or one-time bursts.
- Comprehensive Assessment Options: Tenable.io leverages Nessus Sensors, a mix of active scanners, agents, and passive network monitoring, to help maximize scan coverage across your infrastructure and reduce vulnerability blind spots. This mix of data sensor types helps you include hard-to-scan assets in your vulnerability management program, such as transient devices analyzed by agents, and sensitive systems like industrial control systems which, can be monitored through passive traffic listening.
- Accurate Asset-Based Vulnerability Tracking: Tenable.io provides the ability to track assets and their vulnerabilities more accurately than any other solution in the industry. An advanced asset identification algorithm uses an extensive set of attributes (such as Tenable ID, NetBIOS name, MAC address and many others) to accurately identify and track changes to assets, regardless of how theyroam or how long they last.
- Vulnerability Prioritization Based on Actual Risk: Tenable.io prioritizes vulnerabilities based on the probability that it will be leveraged in an attack by combining over 150 data sources,including Tenable and third-party vulnerability and threat data. A proprietary machine learning algorithm is used to identify vulnerabilities with the highest likelihood of exploitability to help you focus first on the security issues that matter most to your organization.
- Simplified Vulnerability Management: Through a modern interface with intuitive dashboard visualizations, Tenable.io makes common tasks, such as configuring scans, running an assessment, and analyzing results, easier than ever. Pre-defined scan templates and configuration audit checks that follow best practices frameworks, such as CIS and DISA STIG, help you protect your organization with a fraction of the effort otherwise needed. Customize your reporting and analysis with pre-configured, out-of-the-box dashboards or quickly build your own from a blank canvas to meet organizational needs.
- Automated Cloud Visibility: Tenable.io enables continuous visibility and assessments into public cloud environments. Cloud Connectors automatically identify assets in Amazon Web Services, Microsoft Azure, and Google Cloud Platform and monitor their status in real-time. Assess cloud environments with Nessus Sensors to detect vulnerabilities, malware, and configuration and compliance issues.
- Pre-Built Integrations and a Documented API and Integrated SDK: Tenable.io has pre-built integrations – called “plugins” – available for popular credential management, SIEM, ticketing systems and other complementary solutions, so you can easily build an efficient vulnerability management process. A complete listing can be found here: https://www.tenable.com/partners/technology. Additionally, you can easily create your own integrations to Tenable.io by leveraging a fully documented API set and SDK. There is no extra cost to use these tools to maximize the value of your vulnerability data.
- SLA with Uptime Guarantee: Tenable provides the vulnerability management industry’s first and only uptime guarantee through a robust service level agreement (SLA) for Tenable.io. Service credits are offered if the SLA is not met, just like leading cloud vendors, such as Amazon Web Services.
- PCI-Certified Approved Scanning Vendor: Tenable.io is a PCI-Certified Approved Scanning Vendor (ASV) solution that enables merchants and service providers to demonstrate their Internet-facing systems are secure, according to PCI Data Security Standard (PCI DSS) external network vulnerability scanning requirements.
- Backed by Tenable Research: Tenable.io is backed by Tenable Research, delivering world-class Cyber Exposure intelligence, data science insights, alerts, and security advisories. Frequent updates from Tenable Research ensure the latest vulnerability checks, zero-day research, and configuration benchmarks are immediately available to help you secure your organization.