Federal, state and local government agencies are increasingly attractive targets for cyber adversaries, who continue to grow bolder, more proficient and better funded over time. Government agencies are under extraordinary pressure to maintain constant vigilance against cyber threats and attacks, establishing robust information security defenses, while demonstrating compliance with numerous regulations and standards.
Tenable solutions enable federal, state, and local government agencies, and the system integrators that support them, to effectively manage risk and reduce the attack surface by identifying, monitoring, and prioritizing vulnerabilities across the entire network — including on-premises, cloud, mobile and virtual environments. Tenable solutions are also essential for protecting critical infrastructure and related Operational Technology.
Tenable solutions for the U.S. Federal Government
Automate Vulnerability & Compliance Management
SecurityCenter Continuous View® (SecurityCenter CV™) enables government agencies to discover, assess and automate compliance and audit reporting to help them mitigate vulnerabilities in their computing infrastructure. Agencies can automate audit processes to establish and demonstrate compliance with HIPAA, PCI DSS, FISMA, Federal IRS Publication 1075, CJIS security policy and many other regulations.
Enhance Laptop and Mobile Device Security
SecurityCenter CV provides government agencies with the visibility and critical context they need to mitigate the risks introduced by laptops, mobile and BYOD (bring your own devices). It uses active scanning, agents, and passive network monitoring to discover and assess laptop vulnerabilities, find rogue mobile devices on the network, identify policy violations and user productivity drains. Integrated with mobile device management (MDM) solutions, SC CV assesses the possibilities of exposure, and loss resulting from such transient mobile devices.
Protect Critical Infrastructure
Organizations with Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems must protect themselves from rapidly increasing threats and cyberattacks – and at the same time, maintain compliance with strict regulatory requirements. Tenable solutions help ensure the safety of critical infrastructure by discovering and continuously monitoring for vulnerabilities and threats, as well as ICS and SCADA system compliance and security issues. For more information and to download our whitepaper on SCADA network security monitoring, click here.
True Continuous Monitoring
The National Institute of Standards and Technology (NIST) requires federal agencies to implement continuous monitoring and risk-based decision making. SecurityCenter CV is the market-defining continuous monitoring platform, providing a unique combination of detection, reporting and pattern recognition utilizing industry-recognized algorithms and models.
The U.S. Defense Information Security Agency (DISA) selected Tenable as the Assured Compliance Assessment Solution (ACAS) for the Department of Defense (DoD).
To learn more about U.S. Federal Government solutions:
Visit the U.S. Federal webpage
State & Local Government
Deploy a Shared Services Model
A security shared services model streamlines operations and reduces costs, while reducing risk and enhancing compliance with security guidelines, controls and regulations. SecurityCenter CV enables shared services for vulnerability and compliance management with role-based access, user-based modeling and reporting, asset grouping and built-in analytics and automation capabilities.
Comply With CJIS & FTI Standards
Many state and local government agencies are required to comply with the CJIS (Criminal Justice Information Services) and FTI (Federal Taxpayer Information) standards in order to handle sensitive information. SecurityCenter CV provides full network awareness to assist with discovery, assessment and reporting so agencies can take action to manage risk and ensure compliance with the CJIS and FTI standards.
Cyber Hygiene Campaign
In conjunction with the National Governors Association (NGA) Governors Homeland Security Advisors Council, the Center for Internet Security and the Council on CyberSecurity launched a security awareness initiative called the “Cyber Hygiene Campaign.” With continuous monitoring, SecurityCenter CV is uniquely positioned to help meet the campaign’s top five priorities for better cyber health.
Selected by City of San Diego, California
Learn how the City of San Diego, California applied Tenable technology across its 24 networks and 40 municipal departments.
Health Direct - Australia
HealthDirect Australia, a public company limited by shares, delivers comprehensive health services wholly or jointly funded by federal, state and territory governments. To provide its services, HealthDirect Australia contracts directly with health providers, developing and managing governance structures to ensure all services are provided competently and safely.
Focus on the government
Many new emerging legislative initiatives focus on cybersecurity, sharing vulnerability information and notifying the public when a breach occurs. These have impact to all levels of government — from country/national to state/provincial and local levels.
How Tenable Can Help
SecurityCenter Continuous View® delivers non-stop visibility for the most comprehensive, integrated view of network health:
- True continuous monitoring, with total visibility and actionable insight to help you continuously adjust and improve your security and compliance posture
- Collects data from multiple sensors to provide advanced analysis of vulnerabilities, threats, network traffic and events
- Pre-built, customizable dashboards, reports and Assurance Report Cards® to visualize, measure, analyze and communicate security program effectiveness
The world’s most widely deployed vulnerability scanner, in a version for government purchasers only:
- Features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery and more
- Supports more technologies than competitive solutions, scanning operating systems, network devices, next generation firewalls, hypervisors, databases, web servers and critical infrastructure for vulnerabilities, threats and compliance violations
- Available as both a cloud and on-premises vulnerability scanning and management solution
Non-intrusive network monitoring and profiling to continuously scan and assess your security, available for government agencies:
- Complements traditional Nessus® active scanning with continuous host discovery, effective scanning without credentials, connection tracking and trust relationship identification
- Continuous vulnerability detection on devices, applications and communicating systems
- Real-time network monitoring and deep packet inspection to eliminate blind spots