”Security teams using legacy vulnerability management tools are not equipped to handle the converging world of IT and OT because when it comes to modern assets like containers, they’re completely blind,” said Tenable chief product officer Dave Cole (pictured).
“Massive shifts in computing coupled with today’s elastic attack surface have left enterprises struggling to gain visibility into their exposure areas. Increasing network diversity due to the rise of IoT and the convergence of IT and OT are only compounding the issue.
"CISOs need a complete and reliable view of the entire modern computing environment so they can take a proactive approach to managing the security challenges of today and tomorrow.”
Multiple components can be used to provide broad asset discovery and vulnerability identification at a pace that matches the tempo of today's DevOps-led environments.
Tenable.io Container Security claims to provide visibility within container images as they are created, with vulnerability assessment, malware detection and policy enforcement prior to deployment.
Nessus Network Monitor passively analyses network traffic, giving continuous visibility of managed and unmanaged IT and OT assets on the network. New capabilities include asset discovery and vulnerability identification on critical infrastructure and embedded systems, such as SCADA systems. Supported protocols include Bacnet, CIP, DNP3, Ethernet/IP, Modbus/TCP, Siemens S7, ICCP, IEC 60870-5- 104, IEEE C37.118, and OpenSCADA.
Tenable.io now includes pre-built scan templates for identifying systems exposed to all Shadow Brokers exploits, including WannaCry, EternalRocks and any new versions of these attacks, plus a check for the recent Intel AMT vulnerability (INTEL-SA- 00075).
Tenable.io Web Application Scanning is a new product within the platform to automatically identify vulnerabilities in web applications. It will be generally available on 14 July.