Tenable and Microsoft
With Microsoft Azure, organizations can rapidly deploy IT systems and applications— without the hassles and overhead of procuring and maintaining hardware and network infrastructure. Moving to the cloud affords businesses the agility and flexibility to accelerate development and time-to-market.
Tenable provides the security assurance and peace of mind for Microsoft Azure customers by providing asset visibility, attack surface reduction, and compromised systems detection. With flexible, proven solutions, Tenable enables Azure customers to:
- Discover all the assets, workloads and applications deployed and running in Azure
- Identify misconfigured and non-compliant IT assets that may be vulnerable to attacks and compromised by malware.
While customers may have security and compliance scanning solutions for on-premises assets, using these tools to scan assets in the Azure cloud may be construed by Microsoft as malicious and consequently be blocked.
Without a security solution architected and purpose-built for the cloud, customers face challenges in the following areas:
- Visibility: Which cloud virtual machines are running?
- Configuration: Which systems are misconfigured that could result in an attack?
- Compliance: Which systems are not hardened to industry and corporate compliance standards?
- Compromise: Which systems are vulnerable to compromise?
Tenable enables customers to have complete visibility of IT assets to reduce the attack surface. Whether your assets are deployed in Azure, remain on-premises, or a hybrid of the two, Tenable delivers comprehensive solutions for security and compliance, thereby eliminating the need to buy, deploy and learn multiple tools.
- Nessus: Audit your Azure environment remotely and non-intrusively with Nessus to identify deployed assets, databases, websites and account security settings that are in the cloud.
- Nessus Agents: Nessus Agents installed in your Azure instance provide vulnerability detection, configuration assessment, malware checks and compliance auditing. Nessus Agents can be managed by Tenable.io or Nessus Manager, and scan results can be viewed in Tenable.io, Nessus Manager or SecurityCenter.
- Nessus BYOL: Alternately Nessus can be run directly in the Azure cloud. This pre-built appliance eliminates the hassles of installing an OS and then the Nessus software. If you are a current Nessus customer, you can apply your existing Nessus licenses to Nessus (BYOL) to perform Azure environment auditing or scanning.
- SecurityCenter and SecurityCenter Continuous View: Nessus scan results from any Nessus solution can be imported to SecurityCenter or SecurityCenter CV to provide you with a complete view of both on-premise and Azure cloud assets. This empowers organizations to track and trend security and compliance issues, providing C-level measurement and metrics on the effectiveness of remediation and response programs for on-premise, Azure cloud and hybrid environments.
Deploying Tenable solutions for Microsoft Azure offers the following advantages:
- Enables security administrators to gain visibility into what resources are deployed in both their Azure cloud and on-premises assets
- Improves ROI by removing the burden of manually verifying each cloud virtual machine for misconfigurations and poorly implemented security settings
- Reduces security exposure by prioritizing vulnerable machines and compromised systems that require remediation
- Enables the adoption of DevOps process by ensuring Azure virtual machines are securely deployed and meet compliance requirements
- Lowers the cost of ownership and reduces complexity by providing a single technology to scan both on-premises and Azure cloud deployments