Tenable has partnered with market leading technology companies to pioneer the industry’s first Cyber Exposure ecosystem, to help the digital enterprises of today - and tomorrow - build resilient cybersecurity programs.Read the Press Release
to Solve Customer Problems
From ingesting third-party data to enriching third-party systems, the Cyber Exposure partner ecosystem connects disparate solutions and data to accelerate an organization’s ability to understand, manage and reduce cyber risk.
THIRD party data integration
Tenable gains even more intelligence by integrating third party data into its platform including threat intelligence, asset data, and other indicators of security health. By adding context to the asset’s exposure, organizations can prioritize remediation based on the asset’s business criticality and the severity of the issue.
Enriching THIRD party systems
Tenable live Cyber Exposure data is integrated into third party Security and IT Operations tools including ticketing, CMDBs, and systems management to prioritize remediation, enhance IT service delivery and integrate Cyber Exposure into your organization’s overall IT risk and compliance framework.
“We’re delighted to work with ServiceNow to provide our joint customers with broader visibility and deeper insight into their Cyber Exposure so they can understand and reduce cyber risk holistically across their entire attack surface, from IT to Cloud and Containers to IoT devices.”Dave Cole, Chief Product Officer of Tenable Read the Press Release
Cyber Exposure Ecosystem:
Featured Technology Partners
ServiceNow | Security Operations
Together, Tenable and ServiceNow Security Operations bring common visibility to organizations by automatically discovering IT, Cloud and IoT assets, continually assessing these systems for vulnerabilities, linking vulnerabilities with the asset’s business criticality, and prioritizing issues based on this data to accelerate remediation. Joint customers can run automated workflows to solve their most vulnerable items first, saving time and reducing potential exposure related to the vulnerability. In addition, the integration can trigger an automatic re-assessment of the asset to provide validation that the issues were sufficiently resolved, creating a complete, closed-loop remediation process.Solution Brief
Amazon Web Services (AWS) | Cloud Infrastructure
The AWS Connector for Tenable.io automatically and continuously discovers and tracks asset changes in AWS cloud environments to ensure all instances are known and assessed for exposure with every change. With the life of cloud workloads commonly measured in hours, the AWS Connector solves a key challenge of achieving accurate visibility into cyber risk by creating a consolidated view of all on-prem and cloud-based assets. This empowers security teams to manage Cyber Exposure across the entire modern attack surface with a complete picture.
APCON | Network Monitoring
The APCON IntellaStore platform provides data aggregation, capture, storage and onboard applications all in one box. IntellaStore captures all traffic of interest from anywhere in the network and provides full packet visibility to the Nessus Network Monitor running directly on the IntellaStore. The ability to have Nessus Network Monitor running on the same box that is tapping the data means data can be analyzed from one spot and threats can be identified faster.
BMC | SecOps
Automatically export Tenable vulnerability and compliance violation findings into the BMC SecOps Response Service to accelerate incident response.
Cisco | NAC
Integration with Cisco Identity Services Engine (ISE) leverages Tenable vulnerability and compliance violation findings to trigger rule-based Network Access Control to remediate vulnerable systems.
CyberArk | Privileged Account Management
Tenable integration with CyberArk Application Identity Manager™ simplifies privileged access to hosts for more accurate and faster vulnerability assessment.Solution Brief
Cybric | Continuous Application Security Platform
CYBRIC fuels innovation by seamlessly embedding security into the development lifecycle. CYBRIC is the first to orchestrate and automate all code and application security testing. The company’s Continuous Application Security Platform seamlessly integrates security into the development process, delivering frictionless security assurance from code commit to application delivery.
Dell | Patch Management
Tenable solutions integrate with Dell KACE systems management appliances to identify missing patches on vulnerable systems, identify unmanaged systems that are vulnerable and require patching, and extend scanning to cover systems that cannot be directly scanned. Tenable can also audit systems running the Dell Force10 FTOS system.
ForeScout | NAC
Integration with ForeScout CounterAct® allows the product to notify Tenable when new systems join the network, triggering immediate vulnerability assessment of newly detected devices and the ability to execute protective actions on vulnerable systems.
Gigamon | Networking
By deploying Gigamon and Tenable solutions together, organizations that have encrypted traffic in their environments can regain visibility into what devices are connecting to their environment and continuously monitor network traffic to identify vulnerabilities and risk.
IBM | SIEM
Automatically export Tenable vulnerability and compliance findings into IBM QRadar and import QRadar alerts into Tenable to trigger on-demand scans to correlate vulnerable systems with SIEM alert activity for greater analysis accuracy and issue prioritization.
Infoblox | IP Address Management
Integration with Infoblox IP Address Management allows the product to trigger immediate vulnerability assessment via Tenable when new systems join the network or during incident response to identify compromised systems.
Kenna | TVM
Kenna (formerly Risk I/O) takes in vulnerability scan results from Nessus to correlate with other assessment information to help customers prioritize issues.
LogRhythm | Security Intelligence
LogRhythm empowers organizations on six continents to rapidly detect, respond to and neutralize damaging cyberthreats. The LogRhythm platform unifies leading-edge data lake technology, artificial intelligence, security analytics and security automation and orchestration in a single end-to-end solution. LogRhythm serves as the foundation for the AI-enabled security operations center, helping customers secure their cloud, physical and virtual infrastructures for both IT and OT environments. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant.
McAfee | Endpoint Security
Automatic exporting of Tenable vulnerability and configuration data into McAfee ePolicy Orchestrator™ (ePO) increases visibility and enriches context around the security posture of McAfee managed endpoints.Solution Brief
Microfocus/HPE Enterprise | SIEM
Automatically export Tenable vulnerability and compliance violation findings into ArcSight and correlate vulnerable systems with SIEM alert activity for greater analysis accuracy and issue prioritization.
Microsoft | SIEM
Tenable integrates with Microsoft WSUS and SCCM to identify mobile devices and associated vulnerabilities. In addition, Tenable scans Microsoft operating systems, applications and databases for vulnerabilities, audits for hardening guidelines and audits for compliance, and identifies malicious processes and malware targeting Microsoft systems and applications. Finally, Tenable also integrates with Microsoft Exchange (ActiveSync) MDM to discover, audit security settings and identify vulnerabilities on mobile devices. Tenable also detects and audits Microsoft Azure cloud services to identify misconfigurations and identify entry points for attackers.
Red Hat | Patch Management
Tenable integrates with Red Hat Satellite to correlate patch status reported by Red Hat with the results of Tenable’s vulnerability scanning. By correlating patching with scan results, organizations can identify inconsistencies in their patching programs.
RedLock | TVM
RedLock® enables effective, comprehensive threat defense across Amazon Web Services, Microsoft Azure, and Google Cloud public cloud environments. The RedLock Cloud 360™ platform takes a new, AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations, host and container vulnerabilities, and threat intelligence, to provide a holistic view of risks across fragmented cloud environments. With RedLock, organizations can ensure compliance, govern security, and enable security operations across public cloud computing environments from a single pane of glass.
Redseal | TVM
Automatically export Tenable vulnerability and compliance violation findings into the RedSeal cybersecurity analytics platform to correlate vulnerable system data with RedSeal access path data for issue remediation prioritization.
RSA | GRC
Export Tenable vulnerability and compliance violation findings to RSA Archer® GRC to aggregate vulnerable system data with additional IT controls data for a consolidated view of IT risk.
Siemens | Operational Technology
Tenable and Siemens have formed a strategic partnership to help energy, utilities and oil and gas companies with a new solution for industrial asset discovery and vulnerability management. ‘Industrial Security’ from Tenable provides safe, reliable asset discovery and vulnerability detection purpose-built for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Using passive network monitoring based on Tenable’s Nessus Network Monitor, designed for critical systems which require a non-intrusive approach to vulnerability detection, the OT-native solution helps identify and prioritize OT risks so organizations can keep safety-critical production assets secure and fully functional. Delivered by Siemens as a security service, ‘Industrial Security’ helps customers understand the state of their assets at all times, providing them with the information they need to quickly and confidently assess, understand and ultimately reduce their cybersecurity risk.
Siemplify | SOAR
Siemplify provides a holistic Security Operations Platform that empowers security analysts to work smarter and respond faster. Siemplify uniquely combines security orchestration and automation with patented contextual investigation and case management to deliver intuitive, consistent and measurable security operations processes. Leading enterprises and MSSPs leverage Siemplify as their SOC Workbench, tripling analyst productivity by automating repetitive tasks and bringing together disparate security technologies.Solution Brief
Splunk | SIEM
Splunk® Enterprise automatically collects Tenable vulnerability and configuration issues, correlating vulnerable systems with SIEM alert activity to help validate threats. The Tenable application is Common Information Model (CIM) compatible for easy use with other Splunk apps.
Symantec | Patch Management
Tenable integrates with Symantec Altiris to correlate patch status reported by Symantec with the results of Tenable’s vulnerability scanning. By correlating patching with scan results, organizations can identify inconsistencies in their patching programs.
ThreatConnect | Threat Intelligence
ThreatConnect provides threat intelligence data that helps identify malware and malicious behavior. Tenable solutions can use this data to identify malicious communications and compromised hosts as well as help prioritize vulnerability scan results and response.
Join the Cyber Exposure Partner Ecosystem
The Cyber Exposure partner ecosystem is part of the Tenable™ Assure partner program, a new program designed to make it easier than ever for Tenable technology and channel partners to build and deliver innovative solutions to customer problems. Features of the program include the elimination of partner levels and fees and the creation of a self-service capability for building integrations with Tenable.io. Tenable is committed to working with the technology ecosystem to maintain integrations which keep pace with changes over time.Join Now
Join the Cyber Exposure Partner Ecosystem
Fill out the form below or email us at [email protected].