Tenable has announced the general availability of Tenable One, a unified exposure management platform designed to meet the changing needs of the modern cyber security professional by offering a holistic view of both on-premises and cloud-based attack surfaces.
The modern cyber security attack surface is complex, fast-changing, and involves a panoply of different target systems and users that are all interconnected in a range of ways.
Modern cyber security measures, on the other hand, are, all too often, architected just as they have been in the past, leading to major challenges in combating threats, according to a white paper Tenable released along with its new product.
The idea behind Tenable One is straightforward — it’s a cloud-based system that pulls in data from diverse types of systems that track a company’s digital assets and identify vulnerabilities, allowing cyber security professionals to gain a much clearer picture of their own exposure to cyberthreats, using cloud versions of the company’s existing web app scanning, cloud analysis suite, and Active Directory protection.
In addition, the system provides options for visualising security risks, applies predictive analytics to identify potential areas of exposure, and analyses attack paths through various assets in an organisation.
Exposure management platform aggregates security data
The product has three core features. First, its Lumin Exposure View, which aggregates data from the company’s aforementioned security products to provide a single-pane view into an organisation’s overall vulnerability score, presented as a “cyber exposure” number.
Second, Attack Path Analysis uses analytics to map vulnerabilities in one system or app onto the rest of the system, letting organisations gain insight into what, exactly, is vulnerable if a particular security hole is exploited on their systems.
Finally, the company’s External Attack Surface Management program analyses metadata about all of a company’s internet-connected assets — including performing inventory on devices that a security team might have missed — to offer greater visibility into risk posture.
At launch, the company said, Tenable One will only aggregate data from its own security products, but it said that the plan is to add more data ingestion options for other companies’ products. It’s being sold through resellers like IBM, Verizon and CDW, and priced based on the number of assets and apps that a given company wants to manage.
Everything from web applications and identity management systems to cloud assets is under threat, but each of those systems generally requires its own, dedicated security framework in order to keep it secure.
That makes the cyber security professional’s task enormously complicated, according to Tenable, which in its white paper cited three key concerns that must be addressed by security teams.
First, Tenable wrote, security programs are generally reactive in nature, when they would be far more effective if they were proactive.
The ability of active measures — which include mapping the interconnections between users and systems, seeking out potential vulnerabilities on a proactive basis, and tweak privilege levels to where they should be — to protect a company’s IT infrastructure is frequently hampered by an overemphasis on the reactive side of the equation. SOC analysis, incident responders and the like fall into this category.
Second, according to the report, the nature of cyber security applications, which tend to be designed to address one particular security issue, limits their effectiveness.
“There are many valid reasons from an organisational structure standpoint for security programs to be siloed,” Tenable said. “But a security program built upon a hodgepodge of technologies, all of which serve a bespoke function, makes it virtually impossible for security teams to reduce risk.”
Finally, all of those technologies generate information, creating a cascade of data that can be unwieldy — or even impossible — to work with. The report’s authors said that, too often, security teams area reduced to “dumping the data into spreadsheets,” which is simply insufficient for the task.
Tenable One’s standard version includes the company’s .io cloud analysis suite, web app scanning, cloud security posture monitoring, Active Directory security, and Lumin exposure view.
The enterprise version tacks on the attack path analysis feature and external attack surface management features. The standard version will replace Tenable.ep for all customers, who will be automatically enrolled.