Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Tenable Security Center Integration into Tenable One Delivers Full Exposure Management for On-Prem Customers

Tenable Security Center Integration into Tenable One Delivers Full Exposure Management for On-Prem Customers

With the integration of Tenable Security Center into Tenable One, Tenable becomes the only vendor to offer exposure management for both on-premises and hybrid deployment models. Here’s what you need to know. 

The launch of the Tenable One Exposure Management Platform in October 2022 ushered in a new era of proactive, preventive cybersecurity for users of Tenable Vulnerability Management (formerly Tenable.io). Now, users of the on-premises Tenable Security Center (formerly Tenable.sc) can realize the same platform benefits in their quest to reduce cyber risk. 

With the integration of Tenable Security Center into Tenable One, Tenable becomes the only vendor to offer exposure management for both on-premises and hybrid deployment models. The integration allows organizations to level up their current security practices and expand their attack surface coverage with heightened visibility, added context for improved prioritization, and a centralized view of cyber risk. This is an important step for defenders looking to take a proactive approach to exposure management. 

Vulnerability management has long given cybersecurity professionals an understanding of the security posture of traditional IT assets, such as servers, workstations or network devices. Security Center has long been the leading solution for on-premises based vulnerability management with its continuous assessments, extensive compliance reporting and risk-based prioritization. Yet, vulnerability management alone can no longer meet the needs of today’s complex environments, which include cloud platforms, microservices, web applications, connected operational technology devices and identity services. The modern attack surface requires an array of specialized tools to safely and correctly assess the vulnerabilities and misconfigurations that can occur across the attack surface to determine where the organization is most at risk. Historically, any kind of aggregated, relationship-focused analysis had to be done manually and in an external data store. Security teams have had to create their own risk relationships and leverage their personal understanding of the infrastructure, leading to incomplete views of the environment and a very unwieldy, difficult process.

Here’s where exposure management can help. An exposure management platform enables users to analyze the data of siloed assessment tools in the environment in a single dashboard so they can see the relationships between each finding, allowing them to understand the full context of where the organization is most likely exposed to an attack. Exposure management also helps users to significantly improve their communication and decision-making with clear, explainable and actionable KPIs aligned to cyber risk. 

The unfortunate truth is, many organizations only have a partial hold on the modern attack surface beyond traditional vulnerability management, which can’t address the challenges of cloud security, web app security, identity exposures, and attack surface management. Let’s take a closer look at what customers can expect with the integration of Tenable Security Center into Tenable One.

Unified and contextual visibility across the modern attack surface

For security organizations that already use Tenable One, the integration of Tenable Security Center into the platform provides deployment flexibility. Tenable One customers are provided access to both Tenable Vulnerability Management and Tenable Security Center, enabling them to choose the deployment location of their vulnerability management assets —- on-premises, in the cloud, or both.

Tenable One now empowers organizations with comprehensive visibility and unparalleled contextual insight into their security posture by tying together their on-premises vulnerability management data with cloud security, external attack surface management (EASM), identity exposure, web application scanning and attack path analysis capabilities. With Tenable One, users can access the following functionality alongside our industry-leading vulnerability management capabilities, all in a single platform:

  • Cloud security. Users can continuously assess the security posture of their cloud environments by maintaining a current inventory of cloud assets for proactive analysis
  • External attack surface management. Users can map their entire external footprint across internet-connected assets to gain a full understanding of their external risk.
  • Identity exposures. Users can see everything and understand relationships in their complex Active Directory environment to prevent lateral movement by attackers.
  • Web application security. Users can achieve comprehensive and accurate vulnerability scanning of their web apps.
  • Attack path analysis. Users can break down silos and aggregate important exposure context to anticipate attack paths before threat actors do.
  • Exposure analytics. Aggregate your contextual data across all exposures for risk prioritization and scoring, recommended actions,external peer benchmarking and program effectiveness.

All of these important, contextual data sets are needed to accurately and continuously analyze the risks an organization faces, so security professionals can make better remediation decisions and effectively communicate the state of their security posture to the IT organization and to business leaders.

Break silos and understand the attacker’s perspective

Tenable One automatically combines the rich context from siloed areas of the attack surface to take the guesswork out of remediation prioritization. Tenable One’s attack path analysis capabilities does all of this correlation in the background. The exposures, business critical assets and identity, access privileges and permissions are all correlated to help security leaders anticipate, prioritize and provide actionable insights. Up to this point, attack path analysis has primarily been used as a reactive tool in the event of an intrusion, enabling incident responders and forensic analysts to see where an attacker has been: from where they gained initial entry to how they moved laterally within the environment to execute a breach. 

Tenable One’s attack path analysis capabilities puts such insights to use in a proactive way, enabling security professionals to prioritize preventive remediation decisions based on the exposures that are at the greatest risk of becoming part of an attack path. This allows security teams to focus on what they do best: preventative cybersecurity. 

But, what about the constant changes that occur across the attack surface? Not to worry, as the organization’s attack surface changes and the threat landscape evolves, so does the data reflected within Tenable One, so users always have the latest information they need to focus on preventative security.

Adding exposure analytics for prioritization and to communicate cyber risk

It’s important to have the contextual data from your organization, but what about communicating overall risk and progress to various levels of business stakeholders? Tenable One’s exposure analytics functionality aggregates data across all of an organization’s exposures to provide a centralized, business-aligned view of cyber risk with clear key performance indicators (KPIs) and benchmarks. This helps all roles within security to communicate the progress and effectiveness of their program. Here are some specific ways exposure analytics can serve key stakeholders:

  • CISO/BISO/other executives - Tenable One provides actionable metrics to help executives measure, compare and communicate cyber risk to non-technical executives and the board, allowing them to answer the hard question, “How secure are we?”
  • Security director/manager - Tenable One allows security professionals to easily communicate progression on KPIs on security program progress to upper level management.
  • Security analyst - Tenabel One enables analysts to quickly define and build a baseline around day-to-day security practices to understand trends and improvements.

Deployment flexibility for vulnerability management

For Tenable Security Center customers, this integration keeps all of your data on-prem while taking advantage of the benefits of an exposure management program. For those who already have Tenable One, the integration of Tenable Security Center into the platform provides deployment flexibility with access to both Tenable Vulnerability Management and Tenable Security Center. This enables you to choose your deployment preferences — on-premises, in the cloud, or both – no matter where you want to manage your vulnerability management data.

Learn more

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.