Tenable launches cloud-based vulnerability management platform
Tenable Network Security is hoping to make vulnerability management great again.
The security vendor, based in Columbia, Md., unveiled a new cloud-based vulnerability management platform, dubbed Tenable.io, this week at RSA Conference 2017. Tenable.io, which is delivered as a software-as-a-service offering, includes an API and software development kit that allows third parties to export and import vulnerability data.
The vulnerability management platform includes web application scanning and container security monitoring features, as well as an asset tracking algorithm that tracks not only devices, but virtual machines and cloud instances, as well.
Thomas said Tenable.io builds on the foundation of existing products like Nessus, Tenable’s vulnerability scanning and configuration auditing tool. However, the vulnerability management platform was largely built from the ground up as a totally new, cloud-based offering. For example, Tenable.io has a service-level agreement with an uptime guarantee that’s similar to SLAs of other major cloud providers.
The vulnerability management platform is also integrated with the IT service management workflows of several other security vendors and technology providers, including Amazon Web Services, CyberArk and ForeScout. The Tenable Technology Integration Partner program allows other companies to collaborate with Tenable and build integrations into the Tenable.io platform.
“One of the issues that makes this sort of thing challenging is that it’s hard to get critical mass,” Thomas said. “But we have close to 2,500 customers that are already using products that are the basis for Tenable.io.”