August 18, 2020
Tenable.ot now uses industry’s #1 vulnerability assessment solution, Nessus, to secure OT and IT assets in a single solution
Tenable®, Inc., the Cyber Exposure company, today announced a first-of-its kind integration with Tenable.ot™ 3.7 and Nessus® Professional to help organizations secure both IT and operational technology (OT) devices in converged environments. For the first time, customers can use a single solution — Tenable.ot — for unmatched visibility and control to secure IT assets alongside OT systems and reduce their cyber risk in converged, modern environments.
With digital transformation, cyberattacks are increasingly creeping laterally between IT and OT. The Tenable.ot 3.7 release comes on the heels of the National Security Agency (NSA) and Cybersecurity and Infrastructure Agency’s (CISA) alert AA20-205A about the targeting of critical infrastructure by exploiting internet-accessible OT assets. This expanding attack surface and new attack vectors brought by convergence, whether planned or unplanned, require a holistic OT security solution that can precisely identify, assess and protect against both IT- and OT-specific threats within an OT environment.
“Modern OT environments increasingly interconnect with IT as organizations seek to optimize costs and accelerate innovation. The result is a complex, sensitive and vastly expanded attack surface where you cannot manage OT cyber risk discreetly,” said Renaud Deraison, chief technology officer and co-founder, Tenable. “Tenable.ot 3.7 is a game changer that gives organizations the comprehensive visibility, control and precision to manage, measure and reduce the cyber risk of their IT assets alongside their OT systems.”
Tenable.ot 3.7 allows critical infrastructure, manufacturing and industrial organizations to benefit from the efficiencies and cost savings of interconnecting their IT and OT environments without introducing unnecessary and unacceptable risk. First-to-market features and capabilities include:
- Unified Visibility, Security and Control of Converged Infrastructures: Tenable.ot monitors OT networks and assesses OT assets while Nessus intelligently scans and assesses IT-based assets in the OT environment.
- Vulnerability Prioritization Rating (VPR): Tenable.ot provides a detailed threat-based vulnerability score optimized for both IT and OT assets that takes into account the severity of the vulnerability combined with the existence of public proof-of-concepts (PoC), Dark Web chatter, emergence of exploit code in exploit kits and more. This rating provides greater, risk-based intelligence for security teams to prioritize remediation or mitigation of critical flaws.
- Adaptive Assessment: The built-in Nessus sensor will only ever touch IT devices, while OT devices will continue to be handled by Tenable.ot, for a customized and controlled approach to securing converged environments.
- Extended Depth and Breadth of Coverage: Tenable.ot now supports additional OT devices to cover over 90% of industrial controllers and protocols on the market today.
- Community Intel: In addition to policy- and anomaly-based detection, Tenable.ot 3.7 also utilizes open source threat intelligence pulled from the security community for real-time updates.
The integration is available now as a single license for new Tenable.ot users. Current Tenable.ot customers can upgrade to the 3.7 version at no additional cost.
To learn more, visit the Tenable.ot product page.
Tenable®, Inc. is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.
443-545-2102, x 1544