Conference Coverage

RSA 2017: Special conference coverage

Reporting and analysis from IT events
News Stay informed about the latest enterprise technology news and product updates.

Tenable launches cloud-based vulnerability management platform

At RSA Conference 2017, Tenable Network Security introduced a cloud-based vulnerability management platform called Tenable.io that allows users to import and export vulnerability data.

SAN FRANCISCO -- Tenable Network Security is hoping to make vulnerability management great again.

The security vendor, based in Columbia, Md., unveiled a new cloud-based vulnerability management platform, dubbed Tenable.io, this week at RSA Conference 2017. Tenable.io, which is delivered as a software-as-a-service offering, includes an API and software development kit that allows third parties to export and import vulnerability data. The vulnerability management platform includes web application scanning and container security monitoring features, as well as an asset tracking algorithm that tracks not only devices, but virtual machines and cloud instances, as well.

"We're looking to be the information security hub for the industry," Cris Thomas, security strategist at Tenable, told SearchSecurity. "It was important for us to build an ecosystem that works together for everyone."

Thomas said Tenable.io builds on the foundation of existing products like Nessus, Tenable's vulnerability scanning and configuration auditing tool. However, the vulnerability management platform was largely built from the ground up as a totally new, cloud-based offering. For example, Tenable.io has a service-level agreement with an uptime guarantee that's similar to SLAs of other major cloud providers.

The vulnerability management platform is also integrated with the IT service management workflows of several other security vendors and technology providers, including Amazon Web Services, CyberArk and ForeScout. The Tenable Technology Integration Partner program allows other companies to collaborate with Tenable and build integrations into the Tenable.io platform.

"We designed this to be easy to use," Thomas said. "You can export the data and feed it into other products, if you like. We obviously prefer you use it with Tenable products, but we make it work for pretty much any product."

Thomas admitted vulnerability management hasn't been the hottest of security technology categories in recent years and is often overlooked by many companies today. But he said better vulnerability management is crucial for enterprises with today's massive threat landscape, and the more companies that take part in Tenable.io, the more valuable vulnerability data will be generated for the participants.

"One of the issues that makes this sort of thing challenging is that it's hard to get critical mass," Thomas said. "But we have close to 2,500 customers that are already using products that are the basis for Tenable.io."

Next Steps

Learn how to adapt your enterprise's vulnerability monitoring strategy to hybrid cloud use

Find out how the Google Cloud Security Scanner compares to traditional vulnerability scanners

Examine the pros and cons of using a third-party web application scanner over a cloud provider's

PRO+

Content

Find more PRO+ content and other member only offers, here.

Conference Coverage

RSA 2017: Special conference coverage

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

How will Tenable.IO fit in with your enterprise's vulnerability management planning?
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly

Close