Uncovers assets difficult to detect
Full asset discovery, fundamental to properly implement strong security policies and meet compliance criteria, is available using PVS. By continuously sniffing network traffic, PVS finds everything, even transients like BYOD and 'Shadow IT', unapproved systems accessing your network, and their vulnerabilities. PVS detects assets and services on your network including forgotten and unused virtual devices, embedded web applications, and legacy applications.
Finds inappropriate activity and misuse
PVS identifies and proves inappropriate activity and misuse with unique tracking of client-to-server and server-to-client relationships per port. By providing evidence of activity within trust relationships, inappropriate relationships can't hide on your network exposing sensitive data. PVS provides continuous monitoring of network traffic, establishing an unprecedented foundation for detection of unauthorized activity, attacks, and potential compromises. Unusual system access, unexpected use of unencrypted channels, unauthorized trust relationships, and newly introduced hosts are discovered with PVS.
The real value of PVS for a researcher/auditor is that a log of your activities can be easily created and referenced. PVS lets me spend less time on logging and more time on finding bugs.”
CTO of Errata Security
Provides accurate metrics continuously
By filling gaps between active scans, PVS provides accurate metrics over uninterrupted periods so you know how long a vulnerability was present on your network, if it was mitigated, and when. A comprehensive view supports security policy development and enforcement with continuous inspection and supporting evidence. Historical information is available on assets, systems, applications, and system communications.
Scans sensitive systems safely
PVS passive scanning provides vulnerability and asset detection which won't disrupt systems, allowing scanning of the most sensitive systems. The challenge in a security assessment of sensitive systems such as Supervisory Control and Data Acquisition (SCADA) or Industrial Control Systems (ICS) devices is performing it without causing any adverse effects. With other scanners, there is a chance of a SYN packet or UDP packet taking down a control system, but not with PVS. PVS only scans passively and, therefore, with no impact to production systems.
Identifies data flows for regulatory compliance
PVS monitors data flows and identifies otherwise undocumented data flows to provide a comprehensive view of data handling. Mandatory for many regulations like PCI DSS, accurate and comprehensive identification of all systems is required. Within PCI systems collectively called the “cardholder data environment” (CDE), controls must be consistently applied and validated on an annual basis. PVS not only monitors known data flows in/out of the CDE but also identifies undocumented data flows, particularly of unencrypted payment card information.
Expands scanning capabilities
Now available as an annual subscription, PVS in the practitioner's security toolkit provides continuous passive vulnerability scanning in an easy to install product. Its small footprint allows focused deployment to scan network segments previously not reachable, making it invaluable to a wide audience of security consultants, IT managers, auditors, and administrators. PVS provides results within minutes of a quick installation on isolated segments or behind the firewall for unique views of network traffic.
Passive Vulnerability Scanner
PVS is available as a member of Tenable’s Nessus Family of Products and as part of Tenable’s Continuous Monitoring solution, SecurityCenter Continuous View.