New Capabilities to Automatically Discover and Assess Rogue Assets

Nathan Dyer

Few organizations have sufficient visibility into their attack surface—until now. Tenable announces new asset discovery capabilities across on-premises and cloud environments. 

Visibility into all assets across your attack surface is a foundational capability in cybersecurity. There is a reason why it’s step 1 in the Cyber Exposure lifecycle: you cannot secure what you cannot see. Many security frameworks, such as NIST CSF and SANS Controls, emphasize this point by including asset management and inventory at the beginning of their lists of essential controls. 

Despite the fact that asset discovery is so fundamental to cybersecurity, very few organizations have it mastered. In fact, only 29% of 2,400 IT and security professionals recently surveyed by Ponemon Institute believed their organizations have sufficient visibility into their attack surface. This is a critical problem for organizations of all sizes and industries.

There are three key reasons why asset discovery is so hard:

  • Assets are more dynamic than ever. The modern attack surface is constantly expanding, contracting and evolving, with new devices constantly connecting to and leaving the network and IT services spinning up and down. 
  • New device types are accelerating. You are no longer just responsible for securing traditional IT assets. Now you’re responsible for mobile devices, cloud instances, DevOps processes and operational technology (OT) that integrates with your IT networks. 
  • The number of unknown assets is increasing. Despite your best efforts, there will always be devices and IT services across your organization that go unsanctioned or unaccounted for. But with the rise in bring-your-own-device (BYOD) policies and the proliferation of IaaS instances and SaaS-based applications, the number of “known unknowns” is rapidly expanding.
Traditional vulnerability management (VM) solutions haven’t kept up with this modern asset evolution. Active scanning alone is unable to detect frequent changes in the attack surface or gain visibility into new SaaS applications or OT devices. Cybersecurity leaders require new Cyber Exposure approaches to continuously discover known and unknown assets across on-prem and cloud environments.

    Introducing New Rogue Asset Discovery Capabilities

    Today, we’re excited to announce a series of new innovations in and to help you not only automatically detect every asset across your computing environments, but also assess them for vulnerabilities and misconfigurations. These new capabilities are provided natively in our base VM platforms at no additional cost without the need for a separate application that would create another data silo. Here’s what’s new:

    Nessus Network Monitor (NNM) Discovery Mode

    NNM — which is used to provide passive monitoring capabilities in and — has been a trailblazer in the world of passive network monitoring with over 10 years of customer deployments. It offers some of the industry’s broadest asset coverage, with visibility into traditional IT, SaaS applications, mobile devices and OT and IoT devices without the need for third-party integrations. Passive monitoring with NNM is an essential ingredient for attack surface visibility, complementing existing active and agent-based scans to detect assets and vulnerabilities continuously. This helps to eliminate blind spots between active scans and identify previously unknown assets when they are active on your network.

    Now with Discovery Mode, you can use NNM within and to continuously monitor your networks to discover rogue assets without the need to consume a product license. This new capability will be available in both products later this year.

    Tenable Cloud Connector Auto Discovery

    In addition to NNM that is deployed on-prem, you also need continuous visibility into your cloud assets and IaaS instances as workloads are rapidly created and turned off. Tenable Cloud Connectors provide live visibility into AWS, Azure and GCP cloud environments so you know which cloud instances are active at any given time. Data collected from the cloud connectors is fully integrated into alongside other asset information.

    Now with Cloud Connector Auto Discovery, you can automatically collect and track cloud assets from all member accounts associated with the master cloud account without any manual intervention or configuration. This ensures that you have continuous visibility into your cloud environments, even in cloud accounts you may not have known existed until now. This new capability is available today in

    Rogue Asset Automatic Assessment

    What good is asset discovery alone if you are unable to quickly and automatically assess those assets for vulnerabilities and misconfigurations? It’s critical that you are able to quickly scan all newly discovered assets without any manual intervention based on policies you define to do so. Workflow automation will help you not only improve your overall security posture, but also re-allocate operational resources to more meaningful tasks.

    Now with Rogue Asset Automatic Assessment, you will be able to tag newly discovered assets that have not yet been assessed and configure scans based on tags that can automatically run as determined by your scan policy. This new capability is available today in and will be available in later this year. 

    Turn the Unknown Into the Known with Rogue Asset Discovery

    Unified visibility is a hallmark of a mature cybersecurity and Cyber Exposure program. Make sure your Cyber Exposure solutions can shine a light into every dark corner across your modern attack surface. To see how, take advantage of a free 60-day evaluation of today and get started in minutes. 

    Published on Aug 6, 2019
