Tenable Network Security Releases Enhanced Version of the Nessus Perimeter Service

Approved Scanning Vendor Reduces Risk and Costs by Streamlining PCI Compliance for Enterprise Networks

Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), announced today the availability of the newest version of its Nessus® Perimeter Service. Tenable's Nessus Perimeter Service extends the power of the world's most widely-deployed vulnerability scanner to help businesses protect payment card data, identify network and web application vulnerabilities, and demonstrate compliance with the PCI Data Security Standard (PCI DSS).

Nessus Perimeter Service is an enterprise-class remote vulnerability scanning solution that audits Internet-facing IP addresses for both network and web application vulnerabilities from the cloud. This new release includes the Tenable PCI Scanning Service, which allows customers to scan unlimited Internet-facing sites for PCI compliance, as often as needed, and submit these PCI scan results up to twice per quarter for PCI Approved Scanning Vendor (ASV) validation, all for one low flat annual fee. The launch comes one month after Tenable Network Security's certification as an ASV by the PCI Security Standards Council.

Nessus Perimeter Service delivers:

• Web application vulnerability detection: Access to Tenable's continuously-updated database of nearly 50,000 vulnerability and configuration checks to scan web-facing applications for vulnerabilities which compromise compliance.
• Consolidated scanning and PCI ASV validation: As an ASV for PCI compliance, Tenable enables customers to use a single solution to perform unlimited PCI scans, submit scan results for PCI ASV validation, and create compliance documentation.
• World-class expertise: Support from Tenable's team of PCI-certified professionals who can quickly validate if customers are meeting PCI compliance requirements. 
• No additional infrastructure overhead: As a managed service, no hardware or software installation is required, and setup takes just minutes.
• Value-based licensing: Users pay a single annual flat fee and can scan an unlimited number of Internet-facing systems, as often as they like.

"We're extending the power of the Nessus Perimeter Service to include PCI ASV validation," said Ron Gula, CEO and CTO of Tenable Network Security. "Tenable has helped customers prepare for PCI certification by pre-scanning their networks and identifying PCI-relevant assets. Now customers can scan Internet-facing sites using Perimeter Service's preset PCI compliance policy template and submit these PCI scan results to Tenable for PCI ASV validation, at no additional charge."

Continuous Compliance for Enterprise Networks

When Nessus Perimeter Service is integrated with Tenable's SecurityCenter, Passive Vulnerability Scanner, and Log Correlation Engine, Tenable's USM platform delivers:

• Continuous monitoring and centralized intelligence, instantly identifying new devices on the network which may create an unmanaged PCI exposure.
• Secure log aggregation and storage, log normalization, and search for compliance monitoring.
• Real-time visibility into in-scope PCI-relevant assets, reducing the time and resources required for regular scans.
• An integrated view of risk exposure, including Internet-facing web application vulnerabilities.
• Consolidated scanning and PCI ASV validation, eliminating the cost and overhead associated with managing several products and vendors.

For more information on how Tenable Network Security can help with your PCI compliance initiatives and details on Tenable's Nessus Perimeter Service, please visit: www.tenable.com.