New Capabilities to Automatically Discover and Assess Rogue Assets

Nathan Dyer

Few organizations have sufficient visibility into their attack surface—until now. Tenable announces new asset discovery capabilities across on-premises and cloud environments. 

Visibility into all assets across your attack surface is a foundational capability in cybersecurity. There is a reason why it’s step 1 in the Cyber Exposure lifecycle: you cannot secure what you cannot see. Many security frameworks, such as NIST CSF and SANS Controls, emphasize this point by including asset management and inventory at the beginning of their lists of essential controls. 

Despite the fact that asset discovery is so fundamental to cybersecurity, very few organizations have it mastered. In fact, only 29% of 2,400 IT and security professionals recently surveyed by Ponemon Institute believed their organizations have sufficient visibility into their attack surface. This is a critical problem for organizations of all sizes and industries.

There are three key reasons why asset discovery is so hard:

  • Assets are more dynamic than ever. The modern attack surface is constantly expanding, contracting and evolving, with new devices constantly connecting to and leaving the network and IT services spinning up and down. 
  • New device types are accelerating. You are no longer just responsible for securing traditional IT assets. Now you’re responsible for mobile devices, cloud instances, DevOps processes and operational technology (OT) that integrates with your IT networks. 
  • The number of unknown assets is increasing. Despite your best efforts, there will always be devices and IT services across your organization that go unsanctioned or unaccounted for. But with the rise in bring-your-own-device (BYOD) policies and the proliferation of IaaS instances and SaaS-based applications, the number of “known unknowns” is rapidly expanding.
  • Traditional vulnerability management (VM) solutions haven’t kept up with this modern asset evolution. Active scanning alone is unable to detect frequent changes in the attack surface or gain visibility into new SaaS applications or OT devices. Cybersecurity leaders require new Cyber Exposure approaches to continuously discover known and unknown assets across on-prem and cloud environments.

    Introducing New Rogue Asset Discovery Capabilities

    Today, we’re excited to announce a series of new innovations in Tenable.io and Tenable.sc to help you not only automatically detect every asset across your computing environments, but also assess them for vulnerabilities and misconfigurations. These new capabilities are provided natively in our base VM platforms at no additional cost without the need for a separate application that would create another data silo. Here’s what’s new:

    Nessus Network Monitor (NNM) Discovery Mode

    NNM — which is used to provide passive monitoring capabilities in Tenable.io and Tenable.sc — has been a trailblazer in the world of passive network monitoring with over 10 years of customer deployments. It has one of the industry’s broadest asset coverage, with visibility into traditional IT, SaaS applications, mobile devices and OT and IoT devices without the need for third-party integrations. Passive monitoring with NNM is an essential ingredient for attack surface visibility, complementing existing active and agent-based scans to detect assets and vulnerabilities continuously. This helps to eliminate blind spots between active scans and identify previously unknown assets when they are active on your network. 

    Now with Discovery Mode, you can use NNM within Tenable.io and Tenable.sc to continuously monitor your networks to discover rogue assets without the need to consume a product license. This new capability will be available in both products later this year.

    Tenable Cloud Connector Auto Discovery

    In addition to NNM that is deployed on-prem, you also need continuous visibility into your cloud assets and IaaS instances as workloads are rapidly created and turned off. Tenable Cloud Connectors provide live visibility into AWS, Azure and GCP cloud environments so you know which cloud instances are active at any given time. Data collected from the cloud connectors is fully integrated into Tenable.io alongside other asset information.

    Now with Cloud Connector Auto Discovery, you can automatically collect and track cloud assets from all member accounts associated with the master cloud account without any manual intervention or configuration. This ensures that you have continuous visibility into your cloud environments, even in cloud accounts you may not have known existed until now. This new capability is available today in Tenable.io.

    Rogue Asset Automatic Assessment

    What good is asset discovery alone if you are unable to quickly and automatically assess those assets for vulnerabilities and misconfigurations? It’s critical that you are able to quickly scan all newly discovered assets without any manual intervention based on policies you define to do so. Workflow automation will help you not only improve your overall security posture, but also re-allocate operational resources to more meaningful tasks.

    Now with Rogue Asset Automatic Assessment, you will be able to tag newly discovered assets that have not yet been assessed and configure scans based on tags that can automatically run as determined by your scan policy. This new capability is available today in Tenable.sc and will be available in Tenable.io later this year. 

    Turn the Unknown Into the Known with Rogue Asset Discover

    Unified visibility is a hallmark of a mature cybersecurity and Cyber Exposure program. Make sure your Cyber Exposure solutions can shine a light into every dark corner across your modern attack surface. To see how, take advantage of a free 60-day evaluation of Tenable.io today and get started in minutes. 

    Read more >

    Published on Aug 6, 2019

    People also viewed

    Business Cost Analyst - Cloud Infrastructure

    San Jose California United States E Santa Clara St., San Jose, California, United States, 95113 Engineering Engineering
    Your Role:Tenable is seeking a Business Cost Analyst of Cloud Infrastructure with strong MS Excel experience to assess, analyze and compile current costs and potentially determine initiatives to reduce and improve our cloud infrastructure cost for...

    Professional Services Engagement Manager

    Singapore Singapore Singapore North Bridge Road, Parkview Square, Singapore, 188788 Professional Services Professional Services
    Your Role:The Professional Services Engagement Manager assists in the professional services business development and oversees the delivery of projects. The Professional Services Engagement Manager’s roles include tactical project management oversi...

    UX Designer

    Columbia Maryland United States Columbia Gateway Drive, Columbia, Maryland, United States, 21046 Engineering Engineering
    Your Role:Tenable is looking for an extraordinary Senior UX Designer to join our team. Our group is chartered with creating the next generation of security products while at the same time pioneering unprecedented user experience in the digital sec...

    Commercial Territory Manager - West

    Columbia Maryland United States Columbia Gateway Drive, Columbia, Maryland, United States, 21046 Sales Sales
    Your Role:The Commercial Territory Manager will meet and exceed quarterly sales quota by developing new opportunities within specific geographical territory.  Researching and identifying potential accounts; outbound cold calling to soliciting new ...

    Senior Software Engineer (Java & Kotlin)

    San Jose California United States E Santa Clara St., San Jose, California, United States, 95113 Engineering Engineering
    Your Role:Tenable is looking for a Senior Software Engineer to join the Lumin product development team. As a Sr. Software Engineer you will drive projects end-to-end, collaborate on product requirements with Product Managers, architect and impleme...

    Public Sector Channel Manager - Distribution

    Reston Virginia United States Reston, Virginia, United States Channel Sales Sales
    Your Role:The Public Sector Channel Manager-Distribution is responsible for establishing and managing relationships with the Distribution Partner(s).  The CM-Disty will act as a sales liaison between distributor and Tenable Channel Manager personn...

    We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.