Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Introducing Tenable Cloud Security Agentless Assessment for Microsoft Azure

Introducing Tenable Cloud Security Agentless Assessment for Microsoft Azure

Tenable Cloud Security users now can quickly connect their Azure cloud accounts to perform cloud security posture management, including scanning for security vulnerabilities, misconfigurations and compliance. Here's how.

For years, thousands of customers have relied on Tenable to help them scan and manage vulnerabilities in their cloud infrastructure. As cloud usage has matured, we've introduced cloud-native tooling that leverages the power of public clouds, and we're proud to announce the general availability of Tenable Cloud Security Agentless Assessment for Microsoft Azure.

We offer this same capability for Amazon Web Services and Google Cloud Platform (GCP), and we've expanded Tenable Cloud Security's ability to now manage workloads in the world's largest public cloud providers. 

Agentless Assessment reflects significant technological advances and offers customers a unified approach to cloud security posture and vulnerability management across cloud and non-cloud assets. With the latest release of Tenable Cloud Security, Microsoft Azure users gain comprehensive visibility into their cloud environments and can perform robust vulnerability management, significantly reducing their risk of breaches. The new features include:

  • Quick, organization-wide configuration that automatically discovers individual user workloads and their vulnerabilities
  • Tenable Cloud Security provides the latest insights and updates automatically with no need to create new scans
  • Enhanced policy management and reporting
  • Expanded DevOps / GitOps coverage

Tenable Cloud Security Agentless Assessment for Microsoft Azure

Empowering security teams to monitor the sprawling attack surface with continuous, complete cloud visibility is critical for any organization looking to build a unified cloud security program.

Tenable Cloud Security Agentless Assessment enables security teams to quickly and easily discover and assess all their cloud assets in AWS and Azure. Data is continuously updated via automatic live scans triggered by any logged change event. When a new vulnerability is added to the database, security teams see if a vulnerability exists in their current asset inventory, without needing to execute a new scan.

Onboarding Azure cloud accounts is fast and easy. The one-time setup makes visible all Virtual Private Clouds (VPCs), virtual machines, virtual networks, user accounts and roles, cloud resources and data services, as well as a wide range of cloud resources. That way, users get views of both runtime vulnerabilities and cloud environment misconfigurations in a single solution.

Easily onboard Azure cloud accounts

Onboarding Azure cloud accounts is straightforward, requiring a subscription client ID, secret value and tenant ID, all available from the Azure dashboard. The video below shows how this is done.

Source: Tenable, November 2023

Agentless Assessment allows organizations to reduce their potential for exploits by detecting vulnerabilities on a continuous basis, and discovering zero-day threats as soon as they're published — without having to re-scan their entire environment. With coverage for more than 76,000 vulnerabilities, Tenable has the industry's most extensive database of Common Vulnerabilities and Exposures (CVEs). In addition, Tenable's security-configuration data helps customers understand all of their exposures across all of their assets.

Existing Tenable customers can now access Tenable Cloud Security Agentless Assessment for Amazon Web Services (AWS) and Microsoft Azure. 

Enhanced policy management and reporting

For years, we've been hearing about the importance of certain cybersecurity practices in cloud environments, particularly:

  • Cloud security to properly protect those environments
  • DevSecOps to embed security into software delivery pipelines
  • “Shift left” to start security checks as part of local development cycles where they can be immediately fixed

These points are clearly top-of-mind for Tenable customers, who cite poor visibility into their assets and their security posture as key pain-points.

Tenable Cloud Security provides broad visibility across clouds and resources, and helps security teams prioritize remediation in a standardized way. With enriched policy workflows, new compliance reporting and failing policy groupings, Tenable Cloud Security insights help users improve their cloud governance and cloud security posture management.

Tenable Cloud Security Compliance Reporting: We dynamically update compliance reports and provide groupings for pre-defined benchmarks and regulatory frameworks. Tenable Cloud Security supports more than 20 benchmarks and frameworks, including Service Organization Control 2 (SOC2), Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR).

View comprehensive reports on security findings

Scan data is automatically measured against your applied security policies and presented in Tenable Cloud Security reports, which show compliant and non-compliant resources. These views can be filtered by industry benchmarks and regulations, including Center for Internet Security (CIS), National Institute of Standards and Technology (NIST), the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR). 

Tenable Cloud Security automated workflows: Users can easily create integrated workflows based on a specific policy so they can quickly re-assess any out-of-the-box policy or use it as a template to build a new customized policy specific to their environment.

Expanded remediation, DevOps and GitOps coverage

Tenable customers also tell us they're currently not widely adopting automation or DevSecOps – the practice of integrating development, security and operations to provision systems in public clouds. This can lead to a high level of cloud security risks and long remediation times due to manual processes. We want to help them adopt and accelerate their DevSecOps strategies.

Tenable Cloud Security helps users do that – and reduces the number of security weaknesses found in production – by integrating into existing DevOps workflows. Along these lines, we have made several key enhancements to aid DevSecOps teams.

Automated remediation workflows: Out of the box, Tenable Cloud Security provides an integrated view of all the resources failing a security policy, including details along with remediation recommendations that can be quickly passed to development teams via ServiceNow, Jira and other developer tools. 

Improved source code management integration and scanning: Tenable Cloud Security provides a “no experience necessary” mechanism of discovering all your repositories. It also can pull multiple repositories into an integrated view of all the resources failing security policies or compliance benchmarks. Any policy violations can quickly be resolved via auto-generated pull requests that can be submitted and tracked all within the same console. 

Learn more


 

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training