Vulnerability management software provider Tenable is introducing Tenable Cloud Security Agentless Assessment paired with Tenable Cloud Security Live results to help organizations remediate vulnerabilities faster and prevent zero-day bugs from being exploited.
This unifies the company’s cloud security posture and vulnerability management tools into a single, agentless solution designed to help customers address the critical window between when a vulnerability is discovered and when organizations apply patches, which Tenable says continues to shrink.
According to Tenable, attackers start scanning for vulnerabilities within just 15 minutes of a CVE being published, putting more burden on IT and security teams to act quickly and apply patches or other mitigations.
The Agentless Assessment solution unifies Cloud Security Posture Management (CSPM) and vulnerability management into a single solution that allows IT and security teams to gain continuous visibility into the state of their cloud assets. Tenable says the solution is an improvement over the first generation of cloud-native security solutions, providing greater speed, scale and cost savings.
According to Tenable, the solution is 100% agentless and API-based, enabling cloud security teams to use the power of its Nessus vulnerability scanning tool for vulnerability assessments without the need to install scanners or agents, configure credentials on target hosts or set up scan policies.
Tenable Agentless Assessment uses a proprietary approach enabling users to onboard cloud accounts within minutes and scan all assets for software and misconfiguration vulnerabilities without impacting compute speed or costs, the company says.
Live Results inspects collected data to look for matches to updates in the Research Vulnerability and Threat Library feed, helping cloud security teams and developers identify security issues and prevent risky deployments, the company says.
When a new vulnerability is published to the threat library, Tenable Live Results enables security teams to see if a vulnerability exists in their current asset inventory, without needing to execute a new scan, according to Tenable.
The company says the solution will help block zero-day vulnerabilities faster and give customers easy-to-deploy exposure management with drift detection for cloud resources, along with multi-cloud discovery and governance to support security and compliance.
New Tenable Cloud Security solution capabilities, including prioritized results for containers, are scheduled to be generally available for Amazon Web Services in the third quarter of 2022. Support for Microsoft Azure and GCP is expected by the end of 2022.
Glen Pendley, Tenable’s CTO, in a statement called Agentless Assessment a big step forward in cloud vulnerability scanning technology.
“As the period from vulnerability disclosure to exploitation shrinks, cybersecurity teams have even less time to respond,” Pendley says. “Tenable Cloud Security is an Easy Button that takes the time-consuming manual labor out of the equation, proactively detecting and assessing vulnerabilities in near real time. This enhanced visibility and continuous assessment on a single platform enables customers to improve risk prioritization and zero in on remediating the vulnerabilities that matter most.”
Leave a Reply