Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

How Industry Partnerships Support Taking a Proactive, Preventive Approach to Cybersecurity

How Industry Partnerships Support Taking a Proactive, Preventive Approach to Cybersecurity

Exposure management requires open collaboration across the security ecosystem to solve difficult customer problems. An August 2022 technical issue identified by Microsoft and behind-the-scenes resolution among multiple technical teams over a weekend demonstrates how proactive collaboration can benefit customers.

The work cybersecurity professionals do every day to prevent an event from happening rarely gets the headlines. Yet, it’s just as significant as the work we do to respond to an incident as it’s happening. Such was the case in the story we’re about to share. It’s one of those events in which an ounce of prevention was worth a pound of cure, and speaks to the value of taking a proactive, preventive approach. It also speaks to the interconnected nature of cybersecurity technologies and demonstrates how effective collaboration between vendors ultimately benefits users.

In mid-August 2022, Microsoft tech support had been fielding an uptick in reports of users not being able to access Azure-hosted Office 365 services. By the end of the week, they had identified a common theme among customers that were using both Tenable and Microsoft products in their environments., When Tenable vulnerability scans were run on Windows machines joined to Azure Active Directory (AAD), the machines were being negatively impacted.

Using established partnership channels, Microsoft reached out to points of contact within Tenable Research in the afternoon of Saturday, Aug. 20. By Saturday evening, engineering team members from both Tenable and Microsoft were collaborating on identifying the root cause of the issue and continued communications through the night.

On the next morning’s status call, a shared customer — who was willing to engage on this issue — was identified and all parties collaborated throughout the day to determine the issue and test proposed solutions.

By late Sunday night, a draft workaround was verified in the customer’s environment to avoid the identified file contention issue, and commitments were made by Tenable and Microsoft to have the interim solution and joint communication released on Monday.

The incident was not about a vulnerability, but instead was a file contention situation where the operating system locks the file or, in some instances, deletes the file when competition for a resource occurs.

Within 48 hours of initial engagement from Microsoft, an updated Tenable plugin solution was released to our customers through our automated feed. Throughout the following week, Tenable and Microsoft teams stayed in constant contact to address customer questions, explore engineering alternatives, if needed, and coordinate communications for our shared customers.

Transparency and open collaboration matter

Whilst the whole incident was generally invisible to the user, it displays the reality of what can happen with multiple security tools running in a shared customer environment.

However Tenable was able to remain ahead and abreast of this issue thanks to the established and ongoing relationships with our industry partners. During the whole issue, we had an open communication with Microsoft and were in frequent discussion with them during and after the initial response.

Ultimately, established engineering-level relationships, transparency around the issue and shared commitment to finding solutions greatly reduced the impact of this event. Only a few of Tenable’s customers reported the incident to us, and resolving it was relatively straight-forward.

Coordinated communications from both Tenable and Microsoft provided customers with quick solutions in an updated Tenable plugin to avoid future file contention. Also guidance was provided from Microsoft on how to update the Azure AD BrokerPlugin to restore user access.

This resolution to the situation was primarily achieved because of Tenable Research, our relationships, our ability to respond rapidly and our commitment to providing the best knowledge for our customers. Established partnerships, transparency, and a shared customer-centric commitment to security were the keys to this successful rapid response event. While it’s impossible to measure the value of making sure an incident did not happen, we believe such proactive steps are fundamental to helping organizations around the world reduce risk without sacrificing performance. We hope that by shining a spotlight on the value of preventive security efforts we can provide other security professionals with a means to articulate the value of their own exposure management practices.

Learn more

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training