August 26, 2010
Tenable’s network monitoring technology provides organizations real-time vulnerability and security event management to meet security and compliance requirements with zero impact to the network
Tenable Network Security, Inc., the leader in Unified Security Monitoring™ and creator of the popular and award-winning Nessus® vulnerability scanner, today announced that it has been granted a patent by the U.S. Patent and Trademark Office for Tenable’s passive network monitoring approach to determine network vulnerabilities and provide network analysis.
“This patent is the first to be awarded in Tenable’s growing intellectual property portfolio,” said Jack Huffard, President of Tenable. “In addition to this first awarded patent, Tenable has five other patent-pending technologies filed with the Patent and Trademark office. This issued patent predates recent developments in vulnerability analysis validating the approach on which Tenable has focused for years.”
Networks never sleep…neither do attackers
Tenable developed the Passive Vulnerability Scanner (PVS) to complement its other market leading active network scanner, Nessus. Where Nessus allows organizations to audit networks for known vulnerabilities, conduct full patch and configuration and compliance audits at a point in time, Tenable’s PVS allows organizations to continuously monitor the same network by analyzing network traffic 24x7 and provide real-time updates to Tenable’s SecurityCenter on new devices, applications running on those devices and known vulnerabilities associated with those devices. However, PVS doesn’t stop there. For all the value it provides on the network vulnerability front, Tenable’s PVS also has notable security information and event management (SIEM) capabilities. It continuously updates Tenable’s SecurityCenter with information about devices on the network as they appear and profiles trust relationships between users and devices on the network. PVS gathers client-side and server-side vulnerabilities that cannot be obtained by traditional active network scanning. Data obtained by active network scanning alone is only as good as the last active scan, which is simply a snap shot in time that can miss vulnerabilities and mis-configurations that occur after the scan was performed. Tenable’s PVS identifies how your network is changing as it happens, enabling you to provide real-time proactive response. Since the PVS is looking at network data in transit, it can obtain information about data flows and network devices without the potential impact of an active scan. This is very useful in situations where it is difficult to get management approval for active vulnerability scans.
“Tenable’s PVS significantly reduces the need to actively scan and disrupt entire networks. Without having to rely solely on traditional active scanning techniques, Tenable’s customers can instead direct active scanning cycles to further investigate abnormal network behavior or even discover new devices found on the network,” says Andrew Hay, senior analyst with The 451 Groups Enterprise Security Program (ESP).
Unified Security Monitoring Architecture
This patent, filed in 2004, protects one of the core analytic technologies in Tenable’s Unified Security Monitoring product suite and focuses on the unique and innovative manner in which Tenable monitors and analyzes network data for vulnerability and security related issues. Specifically, Tenable’s PVS patented technology sniffs packets traveling across the network. The PVS analyzes information from the sniffed packets to build an inventory of devices, operating systems and applications that are active on the network. In addition, the PVS analyzes the information to detect vulnerabilities in devices, operating systems and applications. Finally, the PVS prepares a report containing the detected devices, operating systems and applications with the respective detected vulnerabilities. Because the PVS operates passively, it may operate continuously without burdening the network. Similarly, it also may obtain information regarding client-side and server side vulnerabilities.
“We are pleased that the U.S. Patent and Trade Office has recognized our passive monitoring technology as innovative and worthy of protection. Tenable pioneered continuous vulnerability monitoring and we continue to invest in research and development resources to extend its capability. We truly believe that customers who employ our active and passive monitoring approaches to audit their networks have a much higher probability of detecting security issues in real-time,” says Ron Gula, CEO of Tenable.
For more information on Tenable’s Unified Security Monitoring suite, please visit www.tenable.com/solutions. For more detailed information on Tenable’s PVS technology, please visit www.tenable.com/pvs.