August 20, 2007
August 20, 2007 – Columbia, MD – Tenable Network Security, Inc., the leader in unified security monitoring and creator of the popular and award-winning Nessus vulnerability scanner, today announced it has upgraded from CVSS v1 to CVSS v2 of the National Institute of Standards and Technology (NIST) CVSS scores across Tenable’s entire vulnerability management product line to help organizations improve discovery of vulnerabilities and to prioritize remediation efforts.
“Tenable's Security Center, Passive Vulnerability Scanner and Nessus Vulnerability Scanner all currently provide support for NIST’s CVSS v2 scores, and our research team is actively engaged with NIST on scoring for new vulnerabilities. We believe that our customers will greatly benefit from one universal severity rating for security vulnerabilities,” says Ron Gula, CEO of Tenable.
NIST’s version of the Common Vulnerable Scoring System (CVSS) is a method for rating the impact of vulnerabilities published within the National Vulnerability Database (NVD). These scores are essential to enabling prioritization of vulnerability remediation. They are also a necessary component to NIST’s efforts to automate FISMA technical control compliance. NVD CVSS scores are essential to NIST’s larger efforts to enable commercial tools to automate FISMA technical control compliance and to perform security measurement.
“We are proud to bring NIST’s CVSS v2 scoring to a global user base,” says Ron Gula, CEO of Tenable. “As enterprises and international governments look to incorporate standards for vulnerability classification and reporting into their standard operating procedures, we believe that the NIST standard will be a natural standard to include.”
For more information on NIST and CVSS v2, please see: http://nvd.nist.gov/cvss.cfm. For further information about Tenable’s implementation of NIST’s CVSS v2, please visit: http://blog.tenablesecurity.com/2007/07/cvss-version-2-.html.
Tenable™, Inc. is the Cyber Exposure company. Over 23,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into Tenable.io™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, large government agencies and mid-sized organizations across the private and public sectors. Learn more at tenable.com.