Transcription
Tenable OverviewJason ClarkAugust 2017
DigitalTransformationis AcceleratingEvery organization is transforming intoan information organizationPutting pressure on every function toinnovate and operate faster“Bold, tightly integrateddigital strategies will bethe biggest differentiatorbetween companies thatwin and companies thatdon’t.”– McKinsey & Co.2
How Are YouResponding?What is the organization’sdigital strategy?How is Security enabling thatstrategy?3
Creating Massive Exposure for Every OrganizationIndustrial IoTCloudMobileNetworkInfrastructureLaptopServerICS / SCADAWeb AppDesktopVirtualMachineContainerEnterprise IoT4
Legacy Approaches Cannot KeepPace with the Expanding Attack SurfaceThe result is aCyber Exposure gap5
Cyber Exposure Addresses This GapCyber Exposure is an emerging discipline for:Managing and measuring your modern attack surface to accuratelyunderstand and reduce your cyber riskEvery organization, no matter how large or small,will be able to confidently answer three questions at all times:How Secure Are We?How Exposed Are We?How Do We ProactivelyReduce Our Exposure?6
Cyber Exposure Builds on Vulnerability ManagementCyber Exposure will provide strategic insight with an objective way to measureand compare cyber risk across an organization and its industryIt builds on Vulnerability Management through:LiveDiscoveryContinuous VisibilityPrioritizeExposureCommunicateCyber RiskCyber ExposureMetric7
Cyber Exposure Builds on Vulnerability ManagementCyber Exposure will provide strategic insight with an objective way to measureand compare cyber risk across an organization and its industryIt builds on Vulnerability Management through:Live Discovery ofevery modern assetacross anycomputingenvironmentContinuous Visibility intowhere an asset is secure,or exposed, and to whatextentAdd context to theexposure to prioritizeand select theappropriate remediationtechniqueAccurately represent andcommunicate cyber riskto the business – inbusiness termsApply Cyber Exposuredata as a key risk metricfor strategic decisionsupport8
For CXOFor CISOFor Security/Operations nalysisStrategic DecisionSupportLive asset discoveryContinuous visibilityVulnerability managementfor all assetsSecurity frameworks andcompliance reporting Visualization & mappingAdvanced risk-basedprioritizationGuided remediationHeuristics3rd party asset & vulnimport and normalization Predictive modelingBenchmarkingTechnology portfolioanalysisAll AssetsAll EnvironmentsITCloudIoT9
The Operational LifecycleDISCOVERASSESSIdentify and map every asset acrossany environment. From here you canbaseline the current and desiredoperational state.With every change, automatically assessthe current state against the baseline stateof the environment, includingmisconfigurations, vulnerabilities andother key indicators of security health,such as out of date antivirus or high riskusers.FIXANALYZEPrioritize which exposures to fix first, ifat all, and select the appropriateremediation technique, whether it’s atemporary security control or acomplete fix.Add context to the asset’s exposureto prioritize remediation based onthe asset’s business criticality andthe severity of the vulnerability.10
Complete Coverage of Your Modern Web AppLaptopWe provide the most completevisibility in the industry – tohelp you see and protect anyasset on any ineICS / SCADAIndustrial IoTEnterprise IoT11
Comprehensive Solutions from TenableVulnerability Management Enterprise managementLive asset discoveryReportingIntegrations & APIAgentsPassive monitoringOn-prem vulnerability managementfor traditional IT assetsCloud-based Cyber Exposureplatform for modern assets – fromIT to cloud to IoT and OTPowered by on-prem Nessus Scanners, Agents, &Network MonitorVulnerability Assessment Comprehensive,high-performance scanning Extensive configuration auditing
SecurityCenter for Traditional AssetsA proven on-prem VM solutionProven VM solution with extensive frameworks and reporting to measure securityeffectiveness and support regulatory & policy complianceBuilt for traditional assetsLeveraging Nessus technology and utilizing passive network monitoring forcomprehensive vulnerability management and continuous visibilityTrusted by large & midsize orgs worldwideRelied on by US Defense Dept. (millions of assets), Volkswagen, City of San Diego,Crosskey Banking Solutions, HealthDirect Australia, and other leaders13
Tenable.io for the Modern Attack SurfaceTenable Ecosystem:3rd Party DataVulnerabilityManagementWeb ApplicationScanningContainerSecurityAPI and SDKAssetsVulnerabilitiesCMDBIT Systems MgmtPlatform ServicesThreatsNessusScannerAll Assets inAll EnvironmentsNessus AgentNessusNetworkMonitorTrue AssetTrackingTenable Ecosystem:3rd Party SystemsGRCImageRegistryMassive Scalability14
Services Help Realize Value Throughout the Lifecycle Premium Technical Support Services to optimize ongoing usageof Tenable solutionsOngoingSupportAssess,Plan & Design Integrate other systemswith your Tenable solutionto unlock additional value Assess VM program Cybersecurity framework planning Tenable deployment planning &architectureIntegration&Automation Services to support your initial solutionsetup & configuration Operational best practicesProductTraining Web-based training content Virtual & onsite instructor-ledtrainingImplementation& Operation15
Delivering Enterprise-wide Protection in DaysEnterprise-wideAttackers will find your weak link. You can’t afford not to see your fullenvironment – today.ProtectionSecurity teams need comprehensive coverage. No one has time to buy,manage, and integrate dozens of point products.In daysWe help you see your full enterprise in days, not months. And scale to thelargest organizations. So you always know where you stand.16
Tenable at a Glance Founded in 2002 Exploded with the widespread adoptionof Nessus and later, SecurityCenter Released Tenable.io in 2017 to introducethe first cyber exposure platform and evolvevulnerability management Relentless innovator:“Tenable has [massive] brand equity withNessus, yet [is] one of the most forward-thinkingcompanies in VM.” – Forrester, 201723,000 1.6M800 CustomersGlobal UsersEmployees50%100%80%Fortune 500Top 10 US TechCompaniesTop 10 USFinancialInstitutions17
Why TenableTechnology LeadershipCreator of Nessus and relentless innovator advancing moderncybersecurity – from IT to cloud to IoT and OTSingular Vision#1 Vulnerability Management technology in the world, pioneeringCyber Exposure to help customers measure & reduce cybersecurityrisk – from operations to the CXOCustomer CommitmentComplete dedication to our customers’ success – every day, in allwe do18
19
Tenable at a Glance 17 Founded in 2002 Exploded with the widespread adoption of Nessus and later, SecurityCenter Released Tenable.io in 2017 to introduce the first cyber exposure platform and evolve vulnerability management Relentless innovator: "Tenable has [massive] brand equity with Nessus, yet [is] one of the most forward .
