Continuous Security Posture and Risk Management of Infrastructure-as-code with Tenable.cs
Infrastructure-related vulnerabilities, specifically policy violations and cloud resource misconfigurations, are typically detected after cloud-native applications are deployed. Yet, the risk of bad actors exploiting these vulnerabilities is high. Ideally, these gaps would be addressed very early in the development lifecycle for cloud-native applications.
This ESG Technical Review documents the evaluation of Tenable.cs to secure cloud infrastructure from a code perspective. ESG validated Tenable.cs’ ability to detect and remediate potential security gaps by continuously monitoring cloud security along the entire development lifecycle: coding, integration, delivery, and deployment.