April 20, 2012
Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), announced today it has been selected by the Defense Information Systems Agency (DISA) as the Assured Compliance Assessment Solution (ACAS). Tenable products will be available to the Department of Defense (DoD) and select Federal intelligence agencies to provide a complete and continuous view of network configuration, compliance and risk.
Tenable's technology was selected by DISA because it met DISA's requirements for a fully-integrated vulnerability assessment platform offering. Tenable's technology offers:
- Continuous visibility across the enterprise by coupling active and passive scanning. By combining Nessus' unmatched breadth of vulnerability checks with PVS's real-time monitoring, Tenable offers DISA the most comprehensive scanning and configuration auditing solution available, while overcoming the shortcomings of point-in-time scanning strategies.
- A strategy focused on maximizing architectural flexibility. Tenable's solution provides optimal distribution and tiering capabilities throughout the suggested architecture. This, coupled with open ended licensing, allows the DoD to move at speeds necessary to properly support the warfighter.
- The combination of two premier technology companies in HP and Tenable Network Security. This pairing provides a service and solution team that is uniquely qualified to support this mission critical endeavor.
"We successfully completed a three-month pilot, in conjunction with HP Enterprise Services, where we showed DISA that our integrated approach to proactive network defense could meet all of its requirements," said Ron Gula, CEO of Tenable Network Security. "DISA's security and compliance requirements are ahead of the curve, and should be applied industry wide to commercial business and organizations that provide critical infrastructure to both military and civilians."
Tenable's integrated solution for the DoD is designed to scale easily and cost effectively, and leverages several Tenable components including:
- SecurityCenter: Offering a centralized view for all network activity including asset discovery, vulnerability detection, configuration and compliance auditing, and event management for large, complex networks.
- Nessus Vulnerability Scanner: Performing network scanning, patch auditing and configuration testing. Nessus is the world's most widely-deployed vulnerability scanner, with more than five million downloads to-date.
- Passive Vulnerability Scanner (PVS): Providing continuous network monitoring and assessment with real-time visibility into all network activity. Tenable's PVS determines server and client-side application vulnerabilities and sends this data to the SecurityCenter in real time. It also uses advanced protocol analysis to log all file sharing, SQL, HTTP, and other types of protocols for analysis.
- X-Tool: Converting DISA distributed eXtensible Checklist Configurations Description Format (XCCDF) files into Tenable's Extensible Markup Language (XML) format, which allows the files to be imported into SecurityCenter and easily customized, if necessary. The X-Tool also imports and converts Open Vulnerability Assessment Language (OVAL) vulnerability files for upload into SecurityCenter.
- 3D Tool: Importing asset data from Nessus or SecurityCenter and delivering a graphical analysis that shows valuable information such as network and protocol maps, communication paths, and vulnerability maps.
Tenable Network Security's continued success comes from its unique approach to helping enterprises and government agencies secure their networks from targeted attacks, internal misuse and compliance violations. The company's Unified Security Monitoring platform is the leading solution for continuous assessment and monitoring of vulnerability, patch, configuration, log, event, network and threat intelligence across virtual, cloud and mobile assets.
For more information on Tenable Network Security, please visit: www.tenable.com.