Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Announces Industry’s First Predictive Prioritization Innovation

November 7, 2018

Edge EMEA, LONDON

New risk-centric vulnerability remediation enables organizations to focus on the seven percent of issues that matter

Tenable®, Inc., the Cyber Exposure company, today announced Predictive Prioritization, a first-of-its-kind innovation for both Tenable.io® and Tenable.sc™ (formerly SecurityCenter) which will provide organizations with the unprecedented capability to focus on the seven percent of vulnerabilities which pose the greatest actual risk to the business.

Effectively prioritizing vulnerabilities is a critical and strategic business imperative for reducing cyber risk. According to Gartner, “Through 2021, the single most impactful enterprise activity to improve security will be mitigating vulnerabilities.*” The newly published Vulnerability Intelligence Report from Tenable Research found that enterprises must triage and manage more than 100 critical vulnerabilities on average daily, as rated by the common vulnerability scoring system (CVSS). Basic CVSS ratings alone are failing the industry and leave organizations unable to effectively and confidently focus on which vulnerabilities require immediate action. Moreover, Tenable Research estimates that the industry is on track to disclose up to 19,000 new vulnerabilities in 2018, an increase of 27 percent over 2017. Yet in 2017, public exploits were available for seven percent of all vulnerabilities, meaning that 93 percent of all vulnerabilities posed only theoretical risk. For most vulnerabilities, a working exploit is never developed and of those, an even smaller subset is actively weaponized by threat actors, making it difficult to understand which vulnerabilities to remediate first, if at all.

To address this deluge of vulnerabilities and predict which ones expose organizations to the most cyber risk, Tenable is announcing new predictive prioritization capabilities. Predictive Prioritization combines Tenable-collected vulnerability data with third-party vulnerability and threat data and analyzes them together with the advanced data science algorithm developed by Tenable Research. The data science algorithm analyzes over 100,000 vulnerabilities using machine learning to anticipate the probability of a vulnerability being leveraged by threat actors and differentiate between real and theoretical risks.

Third party data sources include:

  • Basic Vulnerability Information, such as CVSS and the National Vulnerability Database (NVD), that provide baseline information on ease of exploit and attack vectors associated with the vulnerability.
  • Third-Party Threat Intelligence feeds from a variety of public threat intelligence feeds as well as Recorded Future, that deliver insight into which vulnerabilities are actively being exploited by both targeted and opportunistic threat actors.

“With thousands of vulnerabilities identified in enterprise environments each day, security teams don’t have time and the business doesn’t have the luxury to guess which ones to focus on first,” said Dave Cole, chief product officer, Tenable. “Organizations need solutions to help them better understand the actual, not theoretical, impact of vulnerabilities, and focus remediation efforts based on business risk. We’re very excited to introduce Predictive Prioritization as a first-of-its-kind innovation to our Cyber Exposure platform, helping organizations better manage, measure and reduce their cyber risk in the digital era.”

Predictive Prioritization will be included as part of Tenable.io, for vulnerability management in the Cloud, and Tenable.sc (formerly SecurityCenter), for vulnerability management On-Prem. These two flexible deployment options are core components of the Tenable Cyber Exposure platform, which uniquely provides the breadth of visibility into cyber risk across IT, cloud, IoT and OT environments and the depth of analytics to measure and communicate cyber risk in business terms to make better strategic decisions. Predictive Prioritization for Tenable.io and Tenable.sc will be generally available in 2019.

For more information on Predictive Prioritization, go to https://www.tenable.com/cyber-exposure/platform.

*Gartner Security and Risk Management Summit 2018 Presentation, Fix What Matters: Provide DevOps Teams With Risk-Prioritized Vulnerability Guidance, Dale Gardner, June 4-7, 2018

About Tenable

Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

Contact Information:

Cayla Baker
[email protected]

Stay up to date!

Subscribe to our email alerts for new press releases.

Subscribe for press release updates

Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs
Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security