Tenable.sc and Tenable.sc Continuous View (CV) are Tenable’s on-premises vulnerability management solutions. Built on industry-leading Nessus technology, the Tenable.sc family of products identifies, investigates and prioritizes vulnerabilities, providing you with a risk-based view of your security and compliance posture.

• Centralized vulnerability management and reporting console with multiple scanners
• Highly customizable dashboards, reports and workflows with automatic feeds from Tenable
• Incident response with configuration alerts, notifications and ticketing
• Vulnerability prioritization using the Vulnerability Priority Rating (VPR) and Solutions View page
• Role-based access control (RBAC) to group and control team member permissions by role
• Executive and enhanced management reports and dashboards
• Integration with Tenable Lumin for advanced prioritization, risk scoring and peer benchmarking
• Dynamic asset classification (mail server, web server, etc.)
• Policy-based configuration auditing
• Malware detection with built in threat intelligence
• Automated report and notification distribution
• Scheduled and distributed scanning
• Compliance reporting capabilities
• Asset-based reporting
• Proprietary flat file database for rapid access
• Free API access for customer integrations, data acquisition and data enrichment
• Integration with Tenable.ot for visibility into your operation technology (OT) assets.

Tenable.sc CV is a vulnerability management platform that builds off of the functionality in Tenable.sc and adds real-time continuous monitoring of your security and compliance posture, as well as the critical context you need to discover unknown assets and vulnerabilities, monitor unexpected network changes and prioritize weaknesses to minimize your cyber risk.

Tenable.sc CV includes all the functionality of Tenable.sc, as well as these additional capabilities:

• Continuous asset discovery (virtual, mobile, cloud)
• Passive vulnerability detection of new and “unsafe-to-scan” assets
• Real-time monitoring for vulnerabilities and device and application detection
• Identification of previously unknown resources, changes in behavior and new application usage
• Real-time botnet detection and command and control traffic
• Anomaly detection using statistical/behavioral techniques
• Streamlined compliance with proactive alerts on violations
• Monitoring of host activities and events, including insight into access and changes
• Real-time metrics for continuous security and compliance
• Correlation of real-time activity with state-based vulnerability data
• Log vulnerability monitoring and management

Tenable.sc Director is an add on to Tenable.sc or Tenable.sc CV. It provides Enterprise customers with a single pane of glass view to manage their entire vulnerability landscape across multiple Tenable.sc or Tenable.sc CV consoles. Tenable.sc Director enables you to:

• View your entire infrastructure, across multiple consoles, from one centralized location and ensure all assets and vulnerabilities are accounted for
• Easily manage scans for each Tenable.sc console from one central location
• Centralize network management to facilitate reporting and management of multiple consoles, scanners and assets
• Centralize data insight across multiple Tenable.sc consoles to quickly understand your cyber risk

Using a diverse array of sensors, Tenable.sc ensures continuous discovery and assessment of your network, assets and vulnerabilities in real-time.

Tenable.sc gathers security data from across your organization using sources such as:

• Passive Monitoring: Monitoring network traffic and events in real-time provides information on which assets are connected to the internet and how they communicate. It identifies new or never-before-seen devices or applications, and detects suspicious behavior as it happens.
• Active Scanning: Thoroughly analyzes asset state to identify vulnerabilities, misconfigurations, malware and other weaknesses.
• Host data: Actively monitor host activities and events, including insight into access and changes.
• Intelligent Connectors: Leveraging your other security investments, Tenable.sc can integrate additional security data to improve context and analysis. Tenable.sc will analyze information from a wide range of data sources including Active Directory, configuration management databases (CMDBs), patch management systems, mobile device management (MDM) systems, cloud platforms and more.
• Agent scanning: Instantly audit transient or hard-to-scan assets that intermittently connect to the internet without credentials. Once installed, agents can run credentialed scans without ongoing host credentials.

Tenable.sc analyzes all network-connected assets during a scan. Tenable.sc CV adds the ability to analyze all network activity and events during a scan. Examples include: severs, endpoints, network devices, operating systems, databases, applications in physical, virtual and cloud infrastructures and mobile devices. Tenable.sc CV also continuously monitors network traffic looking for suspicious traffic to/from vulnerable systems/services, unknown devices, botnets and command/control services. It also uses statistical and anomalous behavior analysis techniques on external log sources to automatically discover activity that deviates from the baseline.

Tenable.sc is backed by Tenable Research, delivering world-class Cyber Exposure intelligence, data science insights, alerts and security advisories. Tenable has one of the most extensive vulnerability and intelligence data sets in the industry with the highest CVE coverage of more than 56,000 CVEs and more than 141,000 plugins. Tenable updates its vulnerability database each day, as new vulnerabilities emerge. Tenable Research delivers more than 100 new detections each week.

Tenable.sc provides you with detailed insight for each vulnerability detected, including:

• Vulnerability information: Name and description of the vulnerability, remediation guidance, date of discovery and date of last vulnerability observation, CPE, date patch published, patching status, plugin ID and details
• Host information: Host name, affected hosts, IP address, DNS, Mac address, NetBIOS, repository
• Risk information: Vulnerability severity, VPR score, CVSS score and vectors, vulnerability age, known exploits, exploit code maturity, product coverage, threat intensity, threat recency, threat sources, percentage risk reduction associated with patching

Tenable.sc has more than 350 highly customizable dashboards and reports so users can only view vulnerability assessment information relevant to their particular functions to aid in ease of prioritization and remediation.

Yes, you can configure Tenable.sc to alert on high-risk vulnerabilities or other events, so users can properly handle vulnerabilities and events as they come in.

In addition to email notifications, Tenable.sc can create other alert actions, including UI notification, ticket creation/assignment, remediation scans, launching a report, email notification and syslog alerting.

Tenable.sc can perform actions, such as email alerts, for select vulnerability or alert occurrences to various users regardless of whether the events correlate to a local vulnerability or not.

Tenable.sc provides extremely flexible and simplified reporting, utilizing more than 350 pre-built templates and a user-friendly report creation interface to easily create customized reports. Tenable.sc’s HTML5-based reports consolidate data from across your organization so you can measure and analyze your security effectiveness. Working from existing templates, you can completely customize data by deleting or adding certain components or adjusting filters to develop reports to meet your various needs.

You can develop multiple reports, each customized to provide a different view of collected data so you can deliver informative and timely reports to the appropriate teams or decision-makers within your organization. Reports can range from extremely detail-oriented to high-level summaries. Reports are available in standard PDF, RTF and CSV formats. You can schedule and automatically email reports, share to one or more specified Tenable.sc users and/or publish to one or more sites upon completion.

You can also use Tenable.sc to comprehensively and automatically report on your network compliance with complex standards such as PCI and NIST.

Yes. Tenable.sc enables you to stay compliant with immediate visibility into your compliance posture. You can easily demonstrate adherence with predefined checks again industry standards and regulatory mandates such as ISO/IEC 27001/27002, PCI, NIST Cybersecurity Framework, NIST SP 800-171 and CIS Critical Controls.

Tenable.sc provides out-of-the-box, fully customizable reports and dashboards specific to leading security standards and compliance mandates. You can use them “as-is” or quickly and easily tailor them to meet your specific security and business needs. For example, you can easily create specific reports and dashboards for individual lines of business.

Yes, Tenable.sc offers out of the box integrations with patch management, mobile device management, threat intelligence and other third-party products. You can also use Tenable.sc’s rich API to develop custom integrations. Visit the Technology Ecosystem page to learn more about available integrations and ecosystem partners. Tenable.sc also has built-in integrations with Tenable Lumin and Tenable.ot.

Tenable.sc uses Predictive Prioritization to produce a risk score to help you prioritize vulnerabilities. Predictive Prioritization combines threat intelligence and machine learning to deliver a Vulnerability Priority Rating (VPR) for each vulnerability. The VPR represents the likelihood an attacker may exploit a given vulnerability in the next 28 days, along with its severity. You can use VPR to understand actual cyber risk of vulnerabilities in their unique environments so you can prioritize remediation efforts on vulnerabilities with greatest impact.

Also available in Tenable.sc and used as a component in determining the VPR score, is the Common Vulnerability Scoring System (CVSS) score the National Vulnerability Database publishes.

Predictive Prioritization is the process of prioritizing vulnerabilities based on the probability an attacker may leverage them. Predictive Prioritization enables you to dramatically improve your remediation efficiency and effectiveness by focusing on vulnerabilities that matter most. Predictive Prioritization is available in Tenable.io and Tenable.sc. For more information, review the FAQ or visit the webpage.

Tenable Lumin is a stand-alone product that enables you to effectively measure your Cyber Exposure and benchmark your performance internally against different groups, as well as externally against industry peers. To accomplish this, Tenable Lumin combines a number of data sources, such as vulnerability data, threat intelligence and asset criticality, to help you quantify cyber risk and maximize cyber risk reduction.

You can integrate Tenable.sc with Tenable Lumin to send vulnerability data to Lumin for analysis. Once analyzed, Lumin will provide you with risk scoring, advanced prioritization and industry benchmarking.

Nessus Agents are lightweight programs installed locally on a host—a laptop, virtual system, desktop and/or server. Agents receive scanning instructions from a central Nessus Manager server, perform scans locally, and report vulnerability, compliance and system results back to the central server. Nessus Agents are available with Tenable.io and Tenable.sc.

Nessus Agents with Tenable.sc increase scan coverage and remove blind spots by making it easier to scan problematic assets such as those needing ongoing host credentials and offline assets. Agents also enable large-scale concurrent scanning with little network impact.

For more information on Nessus Agents, see the following resources:

To learn more about Tenable.sc, contact your Tenable certified partner or Tenable representative. You can also review the Tenable.sc datasheet or check out a recorded demo.

You can purchase Tenable.sc by working with your local Tenable certified partner or contacting your Tenable representative.

Tenable.sc is licensed by annual subscription and priced by IP. Perpetual licensing is also available.

Technical documentation for all Tenable products, including Tenable.sc, is at https://docs.tenable.com/.