October 24, 2017
New and enhanced integrations with ServiceNow and Amazon Web Services help customers manage and reduce cyber risk across the modern attack surface
Tenable™, Inc., the Cyber Exposure company, today announced the industry’s first Cyber Exposure ecosystem, starting with a series of new and enhanced technology integrations to help organizations manage and reduce cyber risk holistically across the modern attack surface and the Cyber Exposure lifecycle.
“Organizations in every sector are embracing digital transformation, from cloud to IoT. The flip side of digital transformation is a constantly morphing modern attack surface and a massive underestimation of Cyber Exposure,” said Amit Yoran, CEO, Tenable. “We call this the Cyber Exposure Gap. No company alone can close the gap, which is why we are coming together with other market leaders to pioneer the industry’s first Cyber Exposure ecosystem to help the digital enterprises of today - and tomorrow - build resilient cybersecurity programs.”
Most enterprises have deployed 10s to 100s of disparate tools to help secure their assets and information, with each siloed tool covering only a portion of the attack surface and making it impossible for time-constrained security teams to see and efficiently manage the entire environment. Tenable’s vision is to provide an open and flexible platform, making it easy to build integrated solutions which solve complete customer problems. From ingesting third-party data to enrich asset discovery and vulnerability assessment, to exporting Tenable data to third-party systems for remediation and IT risk management, the Cyber Exposure partner ecosystem connects disparate solutions and data to accelerate an organization’s ability to understand, manage and reduce cyber risk.
The Cyber Exposure technology partner ecosystem includes a series of new and enhanced integrations across an initial set of featured partners, with the intent to add new technology partners on a continuous basis. New and enhanced integrations include:
ServiceNow: Automatically sync IT asset data between ServiceNow® Security Operations and SecurityCenter to enrich asset discovery and vulnerability assessment, as well as import Tenable findings into ServiceNow to accelerate the IT remediation workflow. Enhancements include the ability to filter and tailor Tenable findings in the ServiceNow platform for more efficient IT service management.
Amazon Web Services (AWS): The new AWS Connector for Tenable.io automatically and continuously discovers and tracks asset changes in AWS cloud environments to ensure all instances are known and assessed for exposure with every change. With the life of cloud workloads commonly measured in hours, the AWS Connector solves a key challenge of achieving accurate visibility into cyber risk by creating a consolidated view of all on-prem and cloud-based assets within Tenable.io. This empowers security teams to manage Cyber Exposure across the entire modern attack surface with a complete picture.
Splunk: Splunk® Enterprise automatically collects Tenable vulnerability and configuration issues, correlating vulnerable systems with SIEM alert activity to help validate threats. The enhanced Tenable application is Common Information Model (CIM) compatible for easy use with other Splunk apps.
McAfee: Automatic exporting of Tenable vulnerability and configuration data into McAfee ePolicy Orchestrator™ (ePO) increases visibility and enriches context around the security posture of McAfee managed endpoints. Enhancements include the use of McAfee's Data Exchange Layer (DXL) for seamless communication between Tenable and McAfee DXL Partners.
These new integrations join other featured Cyber Exposure ecosystem partners, including:
CyberArk: Tenable integration with CyberArk Application Identity Manager™ simplifies privileged access to hosts for more accurate and faster vulnerability assessment.
ForeScout: Integration with ForeScout CounterAct® allows the product to notify Tenable when new systems join the network, triggering immediate vulnerability assessment of newly detected devices and the ability to execute protective actions on vulnerable systems.
Infoblox: Integration with Infoblox IP Address Management allows the product to trigger immediate vulnerability assessment via Tenable when new systems join the network or during incident response to identify compromised systems.
“Vulnerability response is the missing link for security teams to radically increase the effectiveness of their programs,” said Sean Convery, vice president and General Manager of ServiceNow’s Security Business Unit. “ServiceNow brings business context, prioritization, risk dashboards and deep IT integration to ensure timely remediation of issues. Together with Tenable, we offer customers a complete view of the attack surface and the ability to prioritize and remediate vulnerabilities.”
The Cyber Exposure technology partner ecosystem is part of the Tenable™ Assure partner program, a new program designed to make it easier than ever for Tenable technology and channel partners to build and deliver innovative solutions to customer problems. Features of the program include the elimination of partner levels and fees and the creation of a self-service capability for building integrations with Tenable.io. Tenable is committed to working with the technology ecosystem to maintain integrations which keep pace with changes over time.
For more information on joining the Cyber Exposure ecosystem and becoming a Tenable technology partner, visit www.tenable.com/partners/technology.