Tenable aims to unify your cybersecurity with exposure management platform

Tenable tackles the issue of siloed security apps with a cloud-based exposure management system that pulls in data from diverse types of systems that track a company’s digital assets and identify vulnerabilities.

Tenable on Tuesday announced the general availability of Tenable One, a unified exposure management platform designed to meet the changing needs of the modern cybersecurity professional by offering a holistic view of both on-premises and cloud-based attack surfaces.

The modern cybersecurity attack surface is complex, fast-changing, and involves a panoply of different target systems and users that are all interconnected in a range of ways. Modern cybersecurity measures, on the other hand, are, all too often, architected just as they have been in the past, leading to major challenges in combating threats, according to a white paper Tenable released along with its new product.

The idea behind Tenable One is straightforward—it’s a cloud-based system that pulls in data from diverse types of systems that track a company’s digital assets and identify vulnerabilities, allowing cybersecurity professionals to gain a much clearer picture of their own exposure to cyberthreats, using cloud versions of the company’s existing web app scanning, cloud analysis suite, and Active Directory protection.

In addition, the system provides options for visualizing security risks, applies predictive analytics to identify potential areas of exposure, and analyzes attack paths through various assets in an organization.

Exposure management platform aggregates security data

The product has three core features. First, its Lumin Exposure View aggregates data from the company’s aforementioned security products to provide a single-pane view into an organization’s overall vulnerability score, presented as a “cyber exposure” number. Second, Attack Path Analysis uses analytics to map vulnerabilities in one system or app onto the rest of the system, letting organizations gain insight into what, exactly, is vulnerable if a particular security hole is exploited on their systems. Finally, the company’s External Attack Surface Management program analyzes metadata about all of a company’s internet-connected assets—including performing inventory on devices that a security team might have missed—to offer greater visibility into risk posture.

At launch, the company said, Tenable One will only aggregate data from its own security products, but it said that the plan is to add more data ingestion options for other companies’ products. It’s being sold through resellers like IBM, Verizon and CDW, and priced based on the number of assets and apps that a given company wants to manage.

Everything from web applications and identity management systems to cloud assets is under threat, but each of those systems generally requires its own, dedicated security framework in order to keep it secure. That makes the cybersecurity professional’s task enormously complicated, according to Tenable, which in its white paper cited three key concerns that must be addressed by security teams.

First, Tenable wrote, security programs are generally reactive in nature, when they would be far more effective if they were proactive. The ability of active measures—which include mapping the interconnections between users and systems, seeking out potential vulnerabilities on a proactive basis, and tweaking privilege levels to where they should be—to protect a company’s IT infrastructure is frequently hampered by an overemphasis on the reactive side of the equation. (SOC analysis, incident responders and the like fall into this category.)

Second, according to the report, the nature of cybersecurity applications, which tend to be designed to address one particular security issue, limits their effectiveness.

“There are many valid reasons from an organizational structure standpoint for security programs to be siloed,” Tenable said. “But a security program built upon a hodgepodge of technologies, all of which serve a bespoke function, makes it virtually impossible for security teams to reduce risk.”

Finally, all of those technologies generate information, creating a cascade of data that can be unwieldy—or even impossible—to work with. The report’s authors said that, too often, security teams are reduced to “dumping the data into spreadsheets,” which is simply insufficient for the task.

Tenable One’s standard version includes the company’s .io cloud analysis suite, web app scanning, cloud security posture monitoring, Active Directory security, and Lumin exposure view. The enterprise version tacks on the attack path analysis feature and external attack surface management features. The standard version will replace Tenable.ep for all customers, who will be automatically enrolled.

Copyright © 2022 IDG Communications, Inc.
