Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Getting Started with Tenable.ot Executive Report

by Cesar Navas
February 21, 2020

As networks converge between Information Technology (IT) and Operational Technology (OT), organizations struggle to view the complete visibility of the network. Using Tenable.ot and Tenable.sc together, a complete picture of a network is visible to risk managers and CISO’s. Tenable.sc is able to connect with Tenable.ot and incorporate risk scores such as Vulnerability Priority Rating (VPR) and Common Vulnerability Scoring System (CVSS) vectors to fully understand risk. As Tenable expands into OT markets, organizations are given the opportunity to perform risk analysis based on OT and IT data in a single unified platform with Tenable.ot and Tenable.sc.

In the Risk Summary chapter, a trend line of Tenable.ot vulnerabilities and a CVSS to VPR Heatmap matrix provides an executive level view of the vulnerabilities related to OT devices. There are also two indicator matrices that show the system counts divided up based on their risk ratings, and criticality ratings. The combination of the risk, criticality, and VPR provides risk managers with a more complete and clearer understanding of the overall IT/OT risk.

The Asset Summary chapter provides a Top Ten summary of assets that have been detected (sorted by device count). The chapter also provides an executive view of system type detected for OT and IT devices, include are the count of each device type and the percentage of total device types detected.  Additionally, Tenable.ot provides asset enumeration by Common Platform Enumeration (CPE). This attribute denotes if the vulnerability on the asset is related to hardware, applications, or operating system. The CPE contains manufacturer information. System managers can use this information as a starting point for vulnerability analysis and patch management efforts. There are also four matrices that track when an asset is first discovered on the network and when last seen. These two attributes help asset managers track when new systems are detected and if the system is in current use.

As threats to cloud, IT, and OT are exposed, organizations that practice Cyber Exposure are able to use Tenable.sc to reduce their Cyber Exposure gap. Tenable.ot helps to expand an enterprise’s visibility and merge traditional Vulnerability Management (VM) practices to include IT and OT. Using the advanced reporting capabilities of Tenable.sc, risk managers are able to import data from OT networks into a single VM platform. The OT data can then be reviewed and assessed alongside the IT VM data for a complete picture of cyber risk.

 This report contains the following chapters: 

Risk Summary: This chapter shows the executive team overall risk in their OT environment. Starting with a trendline which shows the count of vulnerabilities over the past 25 days. and the executive team is able to assess their organization's patching efforts. Following the trendline are a few matrices that quickly lay out the organizations Criticality Rating, Risk Rating, and CVSS to VPR.

Asset Summary: The Asset Summary chapter's purpose is to give the executive team an outlook into their OT assets. The chapter is broken up in order to focus on a few asset related items such as; device type, device discovery dates, and device attribute.

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.