2017: Time to Shake Up Your Understanding of Risk

By Amit Yoran

Two years ago, the message coming out of the RSA Conference was that the security industry had failed; new products kept emerging, yet breaches were still on the rise. Today, we still hear about daily security attacks. Organizations embrace new technologies to remain competitive, and security practitioners struggle to keep pace and preserve the enterprise from painful compromise. If you think the tech community hasn’t done a great job of understanding exposures and managing risk in traditional enterprise environments, things get a lot more complex with the rush to cloud, embracing the DevOps revolution, containers and other technologies that increase capabilities but that turn traditional infrastructure on its head. Simply put, enterprise technology risk is getting more difficult to assess and manage effectively.

Cybersecurity in the spotlight in 2017

As enterprise use of technology is rapidly evolving, security vendors must also evolve or become obsolete. The importance of cybersecurity is clear in every organization – not just to security professionals, but to CEOs, boards of directors, government agencies and customers. Security teams are starting to think about security more strategically. Senior executives couldn’t care less about the better mouse traps our industry is so fond of developing and marketing with great fanfare. The questions CISOs and senior executives want to know are quite foundational: “How exposed is our organization?” “How much risk are we facing?” and “How does that exposure and risk profile change as we make changes to our IT systems and business model?”

Vulnerability and risk management are going to look very different this year

At Tenable, we are transforming our products and company, looking at security solutions in a new light, and developing capabilities that empower our customers with the confidence they need to embrace their future. Vulnerability and risk management are going to look very different this year.

Tenable’s strategy

Tenable.io is going to change the way you think about vulnerability management

Tenable has always been the leader in vulnerability management; it’s in our DNA. Today’s enterprise exposes an attack surface that looks very different than how it looked a few years ago. From BYOD to virtual systems, web apps to containers, cloud to DevOps deployments, organizations struggle to achieve visibility, to understand their true exposure, and to determine how best to manage risk.

With the unveiling of Tenable.io™, our new vulnerability management SaaS platform, a foundational building block to that future is here. Tenable.io is going to change the way you think about vulnerability management.

Tenable.io helps you understand your vulnerabilities holistically, including enterprise computing environments, mobile systems, virtual machines, web sites, web applications, containers, IoT and control systems. The strategic approach to vulnerability management brings modular applications that address your business needs for Vulnerability Management, Container Security, and Web Application Scanning.

Tenable.io enables you to leverage nearly unlimited usage of the renowned Nessus® scanners. It also includes agents, passive scanning and web app scanning technology to give you the greatest visibility into your environments. Tenable.io is the only solution to build container security into vulnerability management.

Tenable.io is going to change the way you do vulnerability management

We know that it can be frustrating to assess your risk based on IP addresses when your business actually aligns with assets. At the core of Tenable.io is an asset-based understanding of your exposures and risk, not one tied myopically to IP addresses. Licensing based on assets provides simple pricing, more transparent licensing, more accurate identification of resources and more concise reports. What is an asset? An asset is simply a resource that can be identified and seen. It’s that easy. Elastic asset licensing is a better foundation for a complete and accurate view of your systems and risk. And Tenable.io is the only security solution that is licensed by assets.

The Tenable.io API and SDK and the Tenable Technology Integration Partner Program also provide seamless integrations with other critical solutions in the IT environment.

Tenable.io is going to change your understanding of risk and the way you do vulnerability management.

Partners in the future

It’s an exciting time in our industry. Tenable has set ambitious goals to solve some of the most foundational security challenges and empower CISOs to gain control of their expanding environments. We will be bold and we will never stop innovating. We are proud to be your strategic partner in managing risk.

Source:: Tenable Blog