Since its introduction in 2003, SecurityCenter® has continually driven innovation in the vulnerability management market, enabling organizations to manage and measure Cyber Exposure across IT assets. With the recent spate of high-profile breaches and threats – Equifax, WannaCry, Petya/NotPetya and others – there’s never been a greater need for effective cyber hygiene. And that starts with vulnerability management.
We’ve been hard at work enhancing SecurityCenter to help you take the next step forward in maturing your security program. Our latest innovations are focused on enterprise manageability, performance and analytical improvements, and technology integrations. We’re excited to take the wraps off some recent feature and integration releases and give you a glimpse into what's coming soon. Let’s take a look!
We’ve enhanced enterprise-level manageability to accommodate localized security policy requirements and enriched asset detection for diverse IT environments, with the following:
- Multi-LDAP support: Many large organizations use more than one LDAP server, which creates challenges for those using LDAP to authorize SecurityCenter users. By adding support for using multiple LDAP servers to authorize SecurityCenter users, we’re helping customers reduce operational overhead and administrative challenges and support compliance with local security policies.
- Expanded asset discovery and fingerprinting for IT environments: We’ve recently enhanced detections for dozens of new asset attributes to increase both the breadth and depth of asset discovery. We added printer detection via TLS/SSL, MAC Address discovery via SNMP and VXLAN, Hostname via DNS and mDNS and many more. Our patented passive network monitoring technology (Nessus® Network Monitor) sees and identifies devices that would otherwise go undetected by other VM solutions.
Performance and analytical improvements
To help security teams be as effective and efficient as possible, we’re continuing to invest in SecurityCenter in the areas of performance and analytical capabilities, and we’re pleased to announce key enhancements:
- Performance improvements with multi-threading: By updating SecurityCenter to take advantage of multi-threading, we’re delivering performance and speed increases that enable up to a 50-percent reduction in the time required for dynamic asset preparation for larger data sets, increased speed for Recast/Accept and faster searching with plugin text searches and for complex searches on Plugin Output.
- Plugin filtering: This advanced scanning capability gives customers the ability to filter by plugin family type, such as Backdoors or Brute Force Attacks. It helps you save time and increase productivity by providing a comprehensive view of plugins associated with a specific family type.
- CVSSv3 (coming in Q3): To ensure the most accurate vulnerability scores, SecurityCenter will soon pull vulnerability scores from CVSS version 3, the latest version of CVSS. CVSS is the industry-standard vulnerability scoring system and SecurityCenter’s main scoring system for vulnerabilities. CVSS version 3 aims to provide clearer, more consistent and more accurate scores for modern-day vulnerabilities.
Tenable is integrating SecurityCenter with even more market-leading technology solutions to solve a broad set of customer challenges and automate more processes. From ingesting third-party data to simplifying credential management, SecurityCenter’s integrations make it easier for organizations to manage their vulnerability management program and minimize risk:
- ServiceNow: This new integration allows customers to seamlessly export SecurityCenter vulnerability data into ServiceNow Vulnerability Response, making it easier to gain continuous visibility from vulnerability detection and prioritization through remediation. With this, customers can move beyond manual exporting and importing by automating and speeding the resolution of security issues. With Tenable and ServiceNow, your security team can focus on security, not IT.
- CyberArk: We’ve enhanced the integration between SecurityCenter and CyberArk to simplify the way customers manage access to privileged credentials for vulnerability and compliance scans. Users no longer need to store and manage their credentials within SecurityCenter to perform authenticated scans, easing administration and reducing the complexity of credential management.
- BMC: This new integration allows customers to automatically export Tenable vulnerability and compliance violation findings into the BMC SecOps Response Service to accelerate incident response.
- BeyondTrust (coming in Q3): Tenable will automatically obtain privileged credentials from BeyondTrust PowerBroker to perform authenticated scans. This integration simplifies management of user access and privileges while scanning for vulnerabilities and compliance checks with SecurityCenter. Users get full administrator-level access to the system they’re scanning.
- Lieberman (coming in Q3): This integration gives joint customers the ability to configure SecurityCenter to pull credentials from Lieberman RED for authenticated scanning. Users will be able to more easily run credentialed scans to yield deeper, more accurate scan results to get better visibility into vulnerabilities on their network.
- Expanded SIEM integrations: To ensure customers can seamlessly import vulnerability data into their central correlation platforms, we’re expanding our integrations with SIEM providers. We’ve recently completed integrations with LogRhythm and IBM QRadar. And coming soon, you’ll see support for McAfee ESM (coming in Q3) as well as an updated Splunk application (coming in Q2) that enhances the user experience and ensures easy transfer of data.
We’re excited to share these innovations in SecurityCenter and how we’re continuing to enhance the platform to meet customers’ vulnerability management needs.
To learn more about how organizations are using SecurityCenter to gain better visibility and understanding of their IT environments, check out this great talk by Jered Bare from CARFAX on building custom tools with the SecurityCenter API, given at our recent user conference, Edge 2018.
We continue driving SecurityCenter forward to support demanding enterprise requirements, providing security teams with automated, continuous and accurate visibility into their IT assets.