Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Partners with Google Cloud Platform

Many organizations are migrating to cloud providers for infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) functions. By moving key applications and infrastructure in the cloud, enterprises are lowering operating costs and easing the administrative burden on IT organizations.

However, security is often an overlooked aspect of moving these key applications to the cloud. The cloud brings inherent risk, and some of the risk is hard to measure for security managers. System administrators can and are spinning up new services and hosts that increase the attack surface in customer networks. In addition, security managers are losing visibility and control in cloud and hybrid environments.

In order to tackle these challenges, you must have a good understanding of what is operating in that environment, whether it be cloud or hybrid, and what risk it poses to your business. This issue can be a difficult one to solve in traditional environments, and with more companies moving to cloud service providers, this issue becomes even more challenging.

To help with these issues, Tenable has partnered with Google to integrate services between the Google Cloud Platform and Tenable SecurityCenter Continuous View™ (SecurityCenter CV™). The Google Cloud Platform (GCP) can export logs via its publish and subscribe service. This helps security teams to gain visibility into several aspects of their cloud infrastructure with the assistance of Tenable SecurityCenter CV. SecurityCenter CV enables users to access crucial data via log collection from GCP that provides companies with the visibility needed to understand the risk introduced by their extended network.

Here are some examples of the type of information GCP and SecurityCenter CV can provide.

GCP log data

SecurityCenter CV will act as a first line of defense when attackers are doing reconnaissance on your Google Cloud infrastructure. GCP will feed SecurityCenter CV log data that will alert users when unauthorized and potentially malicious web application scans are taking place. This can give your security teams an indication that something malicious is potentially occurring.

GCP Log Data

Event Summary

New hosts

SecurityCenter CV will alert users when new hosts are being used in the GCP environment. The impact of these particular alerts could be as simple as system administrators using too many resources or possibly attackers gaining a stronger foothold in your cloud environment.

Event Analysis

Host level changes

SecurityCenter CV can also detect host level changes that occur in your cloud environment. These types of alerts will give security personnel potential indicators of compromise or visibility into an expanding attack surface.

Host Level Changes

More information

Our goal at Tenable is to help our customers secure their IT environment regardless of whether that environment is physical, virtual, cloud or mixed. We’re excited to add this integration with Google Cloud Platform to the list of integrations with other cloud platforms. For more information on the Tenable integration with Google Cloud Platform, please download our datasheet.

Nessus® supports many cloud service providers, including Microsoft Azure, Rackspace, OpenStack, Amazon AWS, and is certified by the Center for Internet Security for the Amazon AWS Foundations benchmark. SecurityCenter Continuous View also supports auditing Salesforce, AWS CloudTrail, and several other cloud based services.

This blog was updated on 9/16/2016.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security