This week, Tenable made an exciting announcement about Tenable.io™, our new, modern vulnerability management platform built for today’s elastic assets. The Tenable.io platform will include state-of-the-art applications for specific business needs, the first of which is Tenable.io Vulnerability Management. In the near future, we’ll release additional applications for container security, web application scanning, and more.
For Nessus® Cloud customers, this first application is important because Nessus Cloud has evolved into Tenable.io Vulnerability Management.
Tenable.io Vulnerability Management will be familiar to anyone who has used or seen Nessus Cloud in the past. All the capabilities that were in Nessus Cloud are now a part of Tenable.io Vulnerability Management, including:
- Running vulnerability assessments for software flaws, configuration issues and malware detection using Nessus scanners and/or agents to reduce your attack surface
- Sharing scan resources, such as scanners, policies, and results for more efficient use of Tenable.io Vulnerability Management
- Integrating with complementary solutions like credential management, mobile device management, and patch management systems
Along with the previous Nessus Cloud features, Tenable.io Vulnerability Management also offers new capabilities that will help security professionals solve some of the very tough vulnerablity management challenges that come up in today’s dynamic IT environments.
Asset tracking delivers reliable results
Historically, vulnerability management solutions have tracked vulnerabilities by IP address. In recent years, IP-based vulnerability tracking has become more of a problem because many assets today have multiple IP addresses. Or for elastic assets like cloud instances, the IP address is often irrelevant. In situations like these, traditional vulnerability management solutions – relying solely on IP addresses – will simply provide inaccurate results.
Tenable.io Vulnerability Management offers a highly accurate way to track assets and vulnerabilities on those assets. It employs an advanced asset identification algorithm that uses an extensive set of attributes such as Tenable ID, NetBIOS name, MAC address, and many others to accurately track assets, changes to assets, and vulnerabilities on those assets.
Asset tracking enables Tenable.io to deliver the most accurate count and state information about vulnerabilities. There’s no duplicate counting of vulnerabilities on assets that have multiple IP addresses or mis-counting on assets that can have short-lived IP addresses like cloud instances. With this greater visibility and insight, security professionals are armed to make better decisions about where to focus resources and priorities to best protect their environments.
Customer friendly elastic asset licensing
Building on the foundation of asset tracking, Tenable.io Vulnerability Management customers also benefit from elastic asset licensing – the industry’s only licensing approach based on assets instead of IP addresses. Other vulnerability management solutions today follow rigid IP-based licensing, and for most organizations this results in increased cost, as IP counts can be challenging to gather accurately. Tenable.io follows a flexible and customer-friendly elastic asset licensing model, enabling users to monitor and adjust license consumption and then true-up when necessary, while continuing to use the product. Tenable.io automatically reclaims licenses from assets not scanned for 90 days – without deleting the data.
Dashboards and reports
To make it easier for security professionals to get insight into vulnerability data, there are a number of new dashboards and reports in Tenable.io Vulnerability Management. For example, there’s a new dashboard that specifically identifies those vulnerabilities that are exploitable by malware, which for many organizations will sit higher on the remediation list than others. The example below shows a dashboard that highlights patching status, which can be helpful for organizations that have goals like “fix all high priority vulnerabilities within 30 days.”
This initial introduction of Tenable.io and Tenable.io Vulnerability Management is just the start. I look forward to sharing more new capabilities throughout 2017 and beyond.
If you have been using Nessus Cloud, the evolution to Tenable.io Vulnerability Management is seamless and requires no action on your part. When you log in, you’ll see the new name, and more importantly, new capabilities available to you.
If you’re new to Tenable.io Vulnerability Management, we’d love to have you learn more or take the application for a test drive. Here are a few resources that will help get you started: