stor-sec.co.uk - Tenable Extends Cloud Application Security Scanning Capabilities

 

Tenable is updating its cloud-delivered services capabilities, adding new connectors to support GCP and Azure, while also advancing web application discovery features.

 

Tenable announced on June 5 that it is enhancing its Tenable.io cloud-based cyber-exposure platform with new capabilities to help enterprises identify and assess threats.

With the update, Tenable now enables organizations to automatically identify and track assets in Google Cloud Platform (GCP) and Microsoft Azure, in addition to Amazon Web Services (AWS), which was already supported. Tenable's software-as-a-service (SaaS) offering now also provides automatic security scanning for running containers in production environments. In addition, the platform now benefits from improved web application discovery capabilities to help organizations identify both known and unknown applications.

 

"Prior to today's announcement, customers had to manually input the web application fully qualified domain name or IP address as part of the scan setup," Michael Applebaum, vice president of product marketing at Tenable, told eWEEK. "In other words, security teams needed to already know that the web application existed to run the security scan, which is a typical requirement—and challenge—in the web application security space."

The new web application scanning capability in Tenable's SaaS platform allows security teams to input lists of IP ranges and scan for HTTP ports to automatically discover web applications, Applebaum said.

The Tenable.io  SaaS platform was first announced in January 2017, and Tenable has steadily improved it with new capabilities ever since. With the SaaS platform, Tenable provides its customers with a platform for enabling multiple types of security services, including application discovery and vulnerability management. Among the most recent additions is the Lumin cyber-exposure benchmarking feature, which was announced on March 8.

"Tenable.io has experienced rapid adoption since its release in January 2017, from small and medium businesses to large enterprises and government agencies, because of its manageability, modern user experience and scalability," Applebaum said. "The market has also responded well to the platform's support for modern assets including cloud workloads, containers and web apps, as well as operational technologies and its flexible asset licensing model."

Container Security

Part of the new update for Tenable.io is the addition of container runtime scanning capabilities. Applebaum explained that new container capabilities provide visibility into the security posture of running containers. He said that Tenable.io can now enable administrators to access important container operational data such as host IP, container open ports, container uptime, and when containers were first and last seen. 

"With container runtime scanning, the product can also automatically detect new container images running in production that have not yet been tested for vulnerabilities and malware," Applebaum said. "Organizations now also have the ability to detect whether containers have changed during runtime and gain specific details on any packages that were added, updated or removed." 

The goal with the new container capabilities is to reduce any security blind spots after containers have been deployed into production, according to Applebaum. Overall, Tenable's focus is on helping organizations understand and reduce cyber-risk, he said.

"Our product road map includes new capabilities and enhancements that will help us do just that as we continue to pioneer new innovations that help defenders turn the tide on attackers," Applebaum said.

UK FENIX ALLIANCE LTD

 

• Our Mission It is our mission to have the items our customers want, when they want them, at the most competitive prices. We know that being Your Profit Source ® is the key to our own success..

 

• PRODUCTION EQUIPMENT UK FENIX ALLIANCE LTD is a specialized trading company that supplies components for the development and implementation of projects for the automation of production processes, a wide range of machines and parts for CNC machines. Our goal is a satisfied client..

 

• Technological process automation: Our specialists will help to select equipment for various automated systems taking into account the production potential of the client’s facilities. Our main clients are engineers and technologists who introduce new automation tools, combining them with existing equipment, or who create technological lines «from scratch».

 

• UK FENIX ALLIANCE LTD guarantees and benefits: Our company works with manufacturers directly or through authorized dealers, therefore it guarantees high quality components, 100% authenticity, competitive prices and a full package of documents required by law. In addition, there are special price offers! Well-developed logistics and cooperation with the largest couriers allow thousands of our clients worldwide to receive their orders in the shortest possible time.