Tenable Adds New Passive Vulnerability Scanner™ (PVS™) to the Nessus® Family of Products, Expanding Security and Compliance Toolset

Now companies of any size can use PVS™ to capture security vulnerabilities and compliance violations from BYOD, virtual infrastructure and ‘shadow IT’ in real-time 24/7

Tenable Network Security, the leader in real-time vulnerability management, today announced at Black Hat USA 2013 that its Passive Vulnerability Scanner™ (PVS) will be available at the end of August as a standalone product. Previously available only to Tenable’s SecurityCenter™ and SecurityCenter CV customers, PVS can now be used by any company, security specialist or compliance auditor that wants to monitor their networks in real-time, in a non-intrusive manner.

Using network sniffing technology, PVS is an ideal solution to monitor systems sensitive to disruption by traditional scanning, transient systems like mobile, virtual and cloud apps that may not be present during scheduled scans.

PVS complements Nessus® active scanning by monitoring network traffic detecting apps, services, protocols, hosts that are not present or evade active scanning. By continuously monitoring the network, PVS provides visibility into both server and client-side vulnerabilities and identifies the flow of sensitive data and the use of common protocols and services.

“A hacker only needs one pathway into your network,” said Ron Gula, CEO of Tenable. “Not knowing what an unmanaged device is doing on your network is a security blind spot. By offering PVS as a standalone product, we are opening up the availability of our products to thousands of security and compliance professionals, and are the only company that provides vulnerability protection to customers from unmanaged systems and applications.”

Tenable Passive Vulnerability Scanner continuously monitors IPv4/IPv6 network traffic for a variety of security-related information including:

• Keeping track of all client and server application vulnerabilities
• Identifying when an application is compromised or subverted
• Detecting and tracking new hosts that are added to a network
• Discovering when an internal system begins to port scan other systems
• Highlighting all interactive and encrypted network sessions
• Tracking exactly which systems communicate with other internal systems
• Spotting which ports are served and which ports are browsed for each individual system
• Passively determining the operating system of each active host

To learn more about PVS, click this link: http://tenable.com/products/passive-vulnerability-scanner

Vulnerability scanning is a cornerstone of IT security and has become a regulatory compliance standard today. Over the last few years, scanning has risen in priority as confirmed by the first four controls in the SANS Top 20 Critical Controls. Any organization effectively implementing vulnerability and compliance monitoring will lower their risk, increase compliance and avoid costly breaches. To achieve this goal, the most comprehensive scanning solutions are needed.

“As innovations such as BYOD and virtualization gain traction within the organization, more and more transient devices are being brought into the organization and onto corporate networks,” added Gula. “If a company is only scanning for these devices monthly, they do not have an accurate picture of their network weakness.”