Active scanning, agents, passive monitoring, external attack surface management and CMDB integrations provide a complete and continuous view of all of your assets including ones that were previously unknown.
With coverage for more than 66,000+ vulnerabilities, Tenable has the industry’s most extensive CVE coverage and security configuration support to help you understand your security and compliance posture with confidence.
Tenable’s Predictive Prioritization technology combines vulnerability data, threat intelligence and data science to give you an easy-to-understand risk score so you know which vulnerabilities to fix first.
The Tenable.sc Family
- Risk-based vulnerability management, on-prem
- Immediate visibility into your network with unlimited Nessus scanners
- Clear, actionable insight into data with highly customizable dashboards, reports and workflows
- Instantly identify and prioritize vulnerabilities using built-in risk scores and threat intelligence
- Speed up incident response with customizable configuration alerts, notification and ticketing
- Free API access for customer integrations, data acquisition and data enrichment
- Discover unknown assets on your External Attack Surface
Includes all Tenable.sc benefits as well as:
- Gain a deeper understanding and context of your assets using Asset Criticality Rating (ACR)
- Real-time asset and vulnerability discovery and continuous monitoring for the highest level of visibility
- Streamlined compliance reporting with real-time metrics and proactive alerts on violations
- Real-time detection of botnets and command and control traffic
- Identification of previously unknown resources, changes in behavior and new application usage
For customers with multiple Tenable.sc consoles, Tenable.sc Director is available as an add-on to Tenable.sc or Tenable.sc+.
- Single pane of glass to view and manage your network across all Tenable.sc consoles
- Easily manage scans for each Tenable.sc console from one central location
- Centralized network management to facilitate reporting and management of multiple consoles, scanners and assets
- Centralized reporting across multiple Tenable.sc consoles to easily measure your cyber risk
#1 in Vulnerability Management
Actively identify, investigate and prioritize vulnerabilities
reduction in vulnerabilities that need to be fixed first through Predictive Prioritization
"Tenable.sc has become the voice of truth for our network, providing an additional layer of insight to hold ourselves accountable and to validate the success of our security program to our board of directors."Ted Tomita, Senior Vice President and Chief Technology Officer, Catskill Hudson Bank
Quickly Measure And Analyze Security And Compliance Risk
Manage Your Data, Your WayTenable.sc+ is the leading on-prem option for Vulnerability Management. Manage your data your way with on-prem or hybrid deployment options while reducing risk for the organization.
Understand Asset CriticalityTenable’s Asset Criticality Rating (ACR) in Tenable.sc+ provides an added dimension to understanding the criticality of your assets to make better decisions in reducing risk for your organization.
Get Immediate Insight
Easily CustomizeCreate different reports for different audiences to ensure the most critical threats are seen and dealt with immediately. Generate reports on demand or schedule them, and automatically share with the appropriate recipients.
Streamline Compliance ReportingStay compliant with immediate visibility into your compliance posture. Easily demonstrate adherence with predefined checks against industry standards and regulatory mandates.
Gain Operation Technology (OT) VisibilityGain complete visibility, security and control over the OT threats that put your organization at risk with Tenable.ot integration.
Predict what matters.
Managed in the cloud.
Ready to manage and reduce your cyber exposure across your entire organization?
Lumin is now available for Tenble.sc.Learn More About Tenable Lumin
Tenable.sc Frequently Asked Questions
Tenable.sc and Tenable.sc+ are Tenable’s on-premises vulnerability management solutions. Built on industry-leading Nessus technology, the Tenable.sc family of products identifies, investigates and prioritizes vulnerabilities, providing you with a risk-based view of your security and compliance posture. For more information on these solutions, please see the Tenable.sc Datasheet and Tenable.sc+ Datasheet.
Tenable.sc+ is a vulnerability management platform that builds off of the functionality in Tenable.sc and includes cyber risk metrics found in Tenable Lumin for an additional layer of context for your assets and vulnerabilities. These metrics provide a more tailored approach to your vulnerability management program, all calculated on your Tenable.sc+ instance, so your data remains on-premises.
Tenable.sc Director is an add-on to Tenable.sc. It provides enterprise customers with a unified view across their large and often dispersed network spanning multiple Tenable.sc consoles. Tenable.sc Director gives complete visibility and management of your instances so you can focus on vulnerability management and reduce overhead on administrative tasks.
Predictive Prioritization combines Tenable-collected vulnerability data with third-party vulnerability and threat data and analyzes them together with the advanced data science algorithm Tenable Research developed. Each vulnerability receives a Vulnerability Priority Rating (VPR) that represents the likelihood an attacker may exploit a given vulnerability in the next 28 days along with its severity. You can use VPR to understand actual cyber risk of vulnerabilities in their unique environments so you can prioritize remediation efforts on vulnerabilities with the greatest impact.
Using a diverse array of sensors, Tenable.sc ensures continuous discovery and assessment of your network, assets and vulnerabilities in real-time.
Tenable.sc gathers security data from across your organization using sources such as:
- Passive monitoring: Monitoring network traffic and events in real-time provides information on which assets are connected to the internet and how they communicate. It identifies new or never-before-seen devices or applications, and detects suspicious behavior as it happens.
- Active scanning: Thoroughly analyzes asset state to identify vulnerabilities, misconfigurations, malware and other weaknesses.
- Host data: Actively monitor host activities and events, including insight into access and changes.
- Intelligent connectors: Leveraging your other security investments, Tenable.sc can integrate additional security data to improve context and analysis. Both will analyze information from a wide range of data sources including Active Directory (AD), configuration management databases (CMDBs), patch management systems, mobile device management (MDM) systems, cloud platforms and more.
- Agent scanning: Instantly audit transient or hard-to-scan assets that intermittently connect to the internet without credentials. Once installed, agents can run credentialed scans without ongoing host credentials.
Nessus Agents are lightweight programs installed locally on a host — a laptop, virtual system, desktop and/or server. Agents receive scanning instructions from a central Nessus Manager server, perform scans locally, and report vulnerability, compliance and system results back to the central server. Nessus Agents are available with Tenable.io and Tenable.sc.
Nessus Agents with Tenable.sc increase scan coverage and remove blind spots by making it easier to scan problematic assets such as those needing ongoing host credentials and offline assets. Agents also enable large-scale concurrent scanning with little network impact.
For more information on Nessus Agents, see the following resources:
Tenable Research backs Tenable.sc, delivering world-class Cyber Exposure intelligence, data science insights, alerts and security advisories. Tenable has one of the most extensive vulnerability and intelligence data sets in the industry with the highest CVE coverage of more than 66,000 CVEs and more than 325 Zero Days disclosed since January 2019. Tenable updates its vulnerability database each day, as new vulnerabilities emerge. Tenable Research delivers more than 100 new detections each week.
After Tenable.sc detects a vulnerability, it provides you with detailed insight for each vulnerability detected, including:
- Vulnerability information: Name and description of the vulnerability, remediation guidance, date of discovery and date of last vulnerability observation, CPE, date patch published, patching status, plugin ID and details
- Host information: Host name, affected hosts, IP address, DNS, Mac address, NetBIOS, repositor
- Risk information: Vulnerability severity, VPR score, CVSS score and vectors, vulnerability age, known exploits, exploit code maturity, product coverage, threat intensity, threat recency, threat sources, percentage risk reduction associated with patching
Tenable.sc provides extremely flexible reporting capabilities, utilizing more than 350 pre-built templates and a user-friendly report creation interface to easily create customized reports. The HTML5-based reports consolidate data from across your organization so you can measure and analyze your security effectiveness. Working from existing templates, you can completely customize data by deleting or adding certain components or adjusting filters to develop reports to meet your various needs.
You can develop multiple reports, each customized to provide a different view of collected data so you can deliver informative and timely reports to the appropriate teams or decision-makers within your organization. Reports can range from extremely detail-oriented to high-level summaries. Reports are available in standard PDF and CSV formats. You can schedule and automatically email reports, share to one or more specified console users and/or publish to one or more sites upon completion.
You can also use Tenable.sc to comprehensively and automatically report on your network compliance with complex standards such as PCI and NIST.
Yes. Tenable.sc can help maintain compliance. It enables you to stay compliant with immediate visibility into your compliance posture. You can easily demonstrate adherence with predefined checks again industry standards and regulatory mandates such as ISO/IEC 27001/27002, PCI, NIST Cybersecurity Framework, NIST SP 800-171 and CIS Critical Controls.
Tenable.sc provides out-of-the-box, fully customizable reports and dashboards specific to leading security standards and compliance mandates. You can use them “as-is” or easily tailor them to meet your specific security and business needs. For example, you can easily create specific reports and dashboards for individual lines of business.
External Attack Surface Management is a capability offered by Tenable that provides visibility into blindspots outside of your network perimeter. This allows customers to scan their domain to find previously unknown internet-connected assets that can pose high risk to your organization.
Yes, External Attack Surface Management capabilities are offered with Tenable.sc. If you require additional domains, frequency and/or metadata in your results you can purchase our Tenable.asm add-ons.
Yes. Tenable.sc integrates with other products. The suite provides out-of-the-box integrations to leverage Tenable’s vulnerability insights with ticketing, patch management, SIEM, SOAR and other third-party products. Visit the Technology Ecosystem page to learn more about available integrations and ecosystem partners. You can also use Tenable.sc’s API to develop custom integrations. Tenable.sc also has built-in integrations with Tenable Lumin and Tenable.ot.
Tenable.sc is licensed by annual subscription and priced by IP. Perpetual licensing is also available.
You can find technical documentation for Tenable.sc and all Tenable products at https://docs.tenable.com/.