Freely subscribe to our NEWSLETTER

The window between when a vulnerability is discovered and when it is exploited continues to shrink. Attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced. Organizations need to be able to act quickly and determine if any critical assets are at risk. Tenable Agentless Assessment unifies Cloud Security Posture Management (CSPM) and vulnerability management into a single solution, so security teams gain continuous visibility into the state of their cloud assets. It provides significant speed, cost and scale improvements over the first generation of cloud native security solutions.

Tenable Agentless Assessment is 100% agentless and API-based, enabling cloud security teams to use the power of Nessus® for vulnerability assessments without the need to install scanners or agents, configure credentials on target hosts or set up scan policies. Using a proprietary approach, it enables users to onboard their cloud accounts within minutes and scan all assets for software and misconfiguration vulnerabilities without any impact on compute speed or costs. Tenable Live Results continuously inspects collected data, looking for matches to updates in the Tenable Research Vulnerability and Threat Library feed, helping cloud security teams and developers quickly identify security weaknesses and prevent risky deployments before they happen.

When a new vulnerability is published to the threat library, Tenable Live Results enables security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan. Near real-time detection reduces mean time to remediate (MTTR), helping to block zero-day vulnerabilities faster. The solution gives customers easy-to-deploy exposure management with drift detection for cloud resources, along with multi-cloud discovery and governance to support security and compliance.

Key new capabilities launched today in the Tenable Cloud Security solution include:

● Cloud Security Agentless Assessment - 100% agentless, API-driven run-time scanning for cloud workloads, providing a unified view of organizations’ cloud environments at scale without increasing cloud computing costs. Data is collected using a proprietary API to build an inventory manifest from cloud instance storage volumes without having to mount a snapshot.
● Cloud Security Live Results - Cloud Detection and Response (CDR) capabilities, taking the data collected and continuously assessing it against the Tenable Research Vulnerability & Threat Library. When a new vulnerability is published, including zero-day attacks, to the threat library, Live Results allows security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan.
● Reporting and Policy Workflow Enhancements - new compliance and benchmark reports help teams adhere to security and compliance standards with access to over 1,400 pre-built policies that address more than 20 compliance standards - such as SOC2, HIPAA, and CIS benchmarks - helping reduce the effort required to report on cloud security posture.
● Advanced DevOps Integrations and Infrastructure as Code (IAC) Security - added support for HashiCorp Terraform Cloud Run Tasks, source code management and Jira enhancements helps teams address security flaws early in the cloud delivery process, by scanning and remediating infrastructure as code and integrating into existing cloud team workflows.

As the leader in vulnerability management, with more than two decades of expertise, Tenable has the industry’s most extensive common vulnerabilities and exposures (CVE) and security configuration support to help customers understand their risk across cloud assets. The Tenable Cyber Exposure Management platform provides unified vulnerability management across cloud and non-cloud assets. New Tenable Cloud Security solution capabilities, including prioritized results for containers, are scheduled to be generally available for Amazon Web Services in the third quarter of 2022. Support for Microsoft Azure and GCP is expected by the end of 2022.