Manage vulnerabilities and attack surfaces

24 October 2023
| No comments
Manage vulnerabilities and attack surfaces

Share post

Since the attack surface is constantly growing in all companies, exposure management and weak point and vulnerability management are becoming increasingly important.

The launch of ExposureAI adds new generative AI capabilities and services to the Tenable One exposure management platform. At the same time, the company is introducing “Tenable Exposure Graph,” a Snowflake-based data lake that feeds the ExposureAI engine. This unified data platform, which includes more than a trillion unique exposures, IT assets and security findings (vulnerabilities, misconfigurations and identities) across IT, public cloud and OT environments, is the world's largest repository of contextual exposure data and powers all exposures -Tenable management products.

AI-based features for preventative security

Tenable ExposureAI offers three new categories of generative AI-based preventative security capabilities that are fundamental to exposure management programs:

  • Search: Security teams can use natural language search queries to ask questions to analyze assets and exposures in their environments, understand relevant contextual information, and prioritize remediation actions.
  • Explain: Provides specific risk mitigation guidance that leverages Tenable's unparalleled exposure data to provide security teams with clear visibility and concise analysis of complex attack paths, specific assets, or security findings.
  • Action: Delivers actionable insights and recommended actions based on key exposures, allowing security teams to proactively address risks and reduce their organization's overall exposure.

In August, Tenable introduced extensions to Tenable OT Security. These are designed to help customers strengthen the security of their OT environments through the industry's most comprehensive and granular visibility, granularity, management and control of IT/OT and IoT assets. Tenable OT Security now provides enhanced visibility of building management systems – including devices such as security cameras, HVAC systems, badge scanners and entry security systems, lighting controls, programming systems and other assets.

The latest version also includes improvements to the way users can manage their active queries for effective asset inventory and fingerprinting, and an all-new configuration interface. These Active Queries are generated by Tenable OT Security's hybrid asset discovery approach, which passively monitors networks to capture devices and classify them as IT or OT. Once classified, IT devices are queried using Tenable Nessus (included in the Tenable OT Security license). Communication with OT devices occurs securely via read-only queries in their native protocols.

Automatic detection of vulnerabilities

Also in the summer, Tenable introduced new features of Tenable Cloud Security. These enable automatic detection of operating system vulnerabilities in container images, registries and pipelines. Building on existing exposure management capabilities, Tenable Cloud Security now enables security teams to prevent operating system vulnerabilities and other risks from being implemented in runtime environments.

Tenable Cloud Security's agentless container scanning enables security teams to prioritize and prevent container operating system vulnerabilities and other risks in multi-cloud environments through a single interface. Security teams can leverage the same OS vulnerability detection they've come to expect from Tenable for container images. The focus is on scanning images stored in container image registries and as part of DevOps workflows and pipelines. This allows security teams to prevent risky images from being deployed in production. They can also reduce the number of alerts and safely scale container adoption across the organization.

More at Tenable.com

 

About Tenable

Tenable is a Cyber ​​Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.

 

Matching articles on the topic

Cybersecurity platform with protection for 5G environments

Cybersecurity specialist Trend Micro unveils its platform-based approach to protecting organizations' ever-expanding attack surface, including securing ➡ Read more

Data manipulation, the underestimated danger

Every year, World Backup Day on March 31st serves as a reminder of the importance of up-to-date and easily accessible backups ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

Windows operating systems: Almost two million computers at risk

There are no longer any updates for the Windows 7 and 8 operating systems. This means open security gaps and therefore worthwhile and ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

DSPM product suite for Zero Trust Data Security

Data Security Posture Management – ​​DSPM for short – is crucial for companies to ensure cyber resilience against the multitude ➡ Read more

Data encryption: More security on cloud platforms

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud ➡ Read more

 

PR News
, , , ,