Complete Genomics
Tenable allows us to address critical threats 67% faster and with fewer resources, while achieving a 75% reduction in compliance reporting time.Its insights ensure we can secure our environment without risking the functionality of our genome sequencers.
Key Business Needs:
Risk-based vulnerability assessments are essential for Complete Genomics, whose genome sequencers manage highly sensitive and critical data. Any security gaps could result in data breaches or operational disruptions, potentially compromising vital research initiatives. Since implementing Tenable Vulnerability Management, Complete Genomics has significantly strengthened its security posture—enhancing compliance reporting, streamlining vulnerability remediation, and improving its response to zero-day threats.
Product(s) used:
Scroll down to read the full case study.
Industry
Life Sciences
Location
North America
Complete Genomics accelerates threat response by 67% and cuts compliance reporting time 75% with Tenable Vulnerability Management
Complete Genomics, a leader in advanced genomic sequencing, plays a critical role in personalized medicine and pharmaceutical research. The company processes highly sensitive intellectual property and operational data. For Chief Information Security Officer Maxim Hudaley, protecting this data while ensuring uninterrupted operations in R&D and manufacturing is a non-negotiable priority.
Since implementing Tenable Vulnerability Management, Complete Genomics has achieved impressive results, including a 75% reduction in compliance reporting time, a 67% efficiency improvement in vulnerability management, and the ability to address critical vulnerabilities within 24 hours.
"Tenable has fundamentally transformed how we manage vulnerabilities," Hudaley says. "It enables us to prioritize risks effectively, respond faster and ensure our genome sequencers operate without disruption."
Balancing security and operational integrity
“Our genome sequencers process highly sensitive data that drives breakthroughs in personalized medicine and pharmaceutical research,” explains Hudaley. “Any vulnerabilities in our systems could jeopardize data integrity, disrupt operations, and erode client trust.”
Complete Genomics also faces stringent regulatory requirements, including compliance with HIPAA and FDA regulations for medical devices. These mandates demand meticulous documentation, regular audits, and robust security protocols. However, the company’s previous manual processes for vulnerability management and compliance reporting were time-consuming and prone to errors
“Before Tenable, our vulnerability management was fragmented,” says Hudaley. “Each location conducted scans independently, and we spent countless hours compiling and analyzing data. Reporting for compliance audits was another major challenge, as we had to manually consolidate information from multiple systems.”
Risk-based vulnerability management with Tenable
Complete Genomics chose Tenable Vulnerability Management for its advanced features, cost-effectiveness, and ability to gauge the impact of patches and updates to sensitive medical device software. By implementing Tenable across its multiple locations, the security team streamlined its vulnerability management process, significantly improving efficiency and accuracy.
One of the standout features for Complete Genomics was Tenable Vulnerability Management’s ability to assess the impact of patches on the genome sequencers’ sensitive software. “Our devices are incredibly precise, and even minor software updates can interfere with their functionality,” Hudaley explains. “Tenable provides detailed insights into potential risks and compatibility issues, allowing us to maintain operational integrity while enhancing security.”
Hudaley highlights several key reasons for selecting Tenable Vulnerability Management:
- Advanced features and cost-effectiveness: Enterprise-grade vulnerability management capabilities at a reasonable cost, making it a smart and efficient investment.
- Medical Device Compatibility Insights: Detailed analysis of how patches and updates may impact sensitive medical device software, ensuring operational integrity.
- Powerful reporting tools: Simplifies the process of identifying, prioritizing, and addressing vulnerabilities with clear and actionable reports; simplifies compliance with HIPAA and FDA requirements.
- Efficient risk mitigation: Risk-based approach enables prompt attention to critical vulnerabilities, reducing time and resource requirements.
- Comprehensive security visibility: Delivers an in-depth view of the organization’s security posture, supporting better decision-making.
- Strengthened threat defense: Continuous monitoring and actionable insights fortify defenses against evolving threats, ensuring a more secure environment.
Complete Geonomics achieves significant security and operational gains
Since adopting Tenable Vulnerability Management, Complete Genomics has seen dramatic improvements in its security operations and compliance reporting.
Since implementing Tenable Vulnerability Management, the organization has seen a significant boost in efficiency and effectiveness across its security operations. One of the most notable improvements has been in vulnerability management, where the team reduced the time spent reviewing scan results by an impressive 67%. “We’ve gone from 60 manhours per week to just 20,” says Hudaley. “Tenable’s indepth analysis streamlines our workflow, ensuring timely remediation without disrupting our operations.”
Compliance reporting has also become dramatically more efficient. Previously, the organization dedicated 40 hours each month to meet regulatory requirements, but thanks to Tenable’s automated reporting features, that number has dropped to just 10 hours —a 75% reduction. Hudaley notes, “The automated reporting features ensure we meet regulatory deadlines with accuracy and confidence.”
Perhaps most critically, the team has been able to respond rapidly to emerging threats. When Tenable Vulnerability Management flagged a zero-day vulnerability in a core database system, the necessary patches were deployed within 24 hours. “The detailed remediation steps ensured that our genome sequencers were unaffected,” Hudaley explains, “preventing potential exploitation and maintaining operational continuity.” These outcomes highlight the platform’s role not only in improving operational efficiency but also in strengthening the organization’s overall security posture.
Looking toward OT
As Complete Genomics continues to expand its operations it plans to extend Tenable’s coverage to its operational technology (OT) assets and on-premises applications. Integrating IT and OT security will provide a unified view of its infrastructure, further enhancing visibility and efficiency.
“We’re excited to explore Tenable’s capabilities for securing Active Directory and OT systems,” says Hudaley. “By expanding its use, we’ll achieve a more comprehensive security posture and ensure all facets of our environment remain protected.”
A catalyst for security-first culture
For Complete Genomics, Tenable has been more than a vulnerability management solution — it has driven a cultural shift toward proactive security.
“Tenable’s insights have shaped our training programs and policies, fostering a security-first mindset throughout the organization,” Hudaley concludes. “By aligning our efforts with the operational needs of our devices, we’ve enhanced reliability, productivity, and trust. Tenable Vulnerability Management has been more than just a tool for us — it’s been a catalyst for positive change in how we approach security at every level.”
- Risk-based Vulnerability Management
- Vulnerability Management
- Tenable Vulnerability Management
