May 21, 2007
Tenable Earns CIS Certification
Tenable’s Configuration Auditing Capability enhanced to Support Enterprise-Level CIS Certifications
May 21, 2007 - Columbia, MD – Tenable Network Security, Inc., the leader in unified security monitoring and creator of the popular and award-winning Nessus vulnerability scanner, today announced that Tenable Security Center v3.2 and Nessus v3.0 have been certified by the Center for Internet Security (CIS) to conduct CIS Certified agent-less configuration audits for the Legacy, Enterprise, and Specialized Security Limited Functionality Benchmarks (v1.2) for Windows Server 2003 Domain Controllers Operating Systems. Tenable plans to provide additional CIS Benchmark audit policies throughout 2007.
Named “best benchmarking effort” by Information Security Magazine, CIS benchmarks are developed by global consensus among hundreds of security professionals as recommendations for minimum due care and preferred practice security configurations. Benchmarks are based on recommendations from the SANS Institute, the National Security Agency (NSA), the National Institute of Standards and Technology (NIST), the U.S. Defense Information Systems Agency (DISA), Information Systems Audit and Control Association’s COBIT.
“With the rapid proliferation of system and network vulnerabilities, security professionals are hard-pressed to continually ensure the stability of their IT infrastructures,” said Clint Kreitner, president and CEO of CIS. “By earning this CIS certification, Tenable Network Security’s customers are assured that audits of Windows 2003 Server systems are in accordance with the security benchmarks defined by user consensus. In addition, we are pleased that Tenable’s certification will provide the CIS Benchmarks to Nessus’ broad and global user community.”
“With today’s focus shifting from protecting the network to protecting the data, it is essential to have these consistent controls in place as part of an enterprise compliance program.” said Ron Gula, CEO of Tenable Network Security. “In receiving CIS certification, Tenable’s customers are assured that Security Center and Nessus 3 accurately and thoroughly compare and report the security settings of their systems to the recommendations in the relevant CIS Benchmark(s). Configuration audit, along with sensitive data discovery, ensure an organization’s ability to be compliant with both corporate and regulatory policies.”
The CIS Certified benchmark checks are available immediately at no additional charge to Tenable Security Center users and Nessus Direct Feed subscribers. For more information on Tenable’s Security Center and CIS Benchmarks, please visit: http://www.tenablesecurity.com/products/sc.shtml. To enable your Nessus 3 to perform CIS audits, please visit: http://www.tenablesecurity.com/products/direct.shtml
About the Center for Internet Security (CIS)
CIS is a non-profit enterprise whose mission is to help organizations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. CIS members develop and encourage the widespread use of security configuration benchmarks through a global consensus process involving participants from the public and private sectors. For additional information, please visit http://www.cisecurity.org