The only constant is change, it’s often said, and nowhere are those words truer than in today’s IT environments.
To help businesses better protect against threats to their modern and adaptable IT infrastructures, Tenable Network Security has launched a new cloud-based service that can track elastic assets and provide visibility into their security status.
Virtual machines, containers, web applications and other highly-elastic workloads pose a challenge for technology professionals tasked with keeping attackers at bay and their organization’s data safe. Fixed IT assets like dedicated, single application servers with clearly defined parameters have given way to virtualized environments that can spin up and scale services and applications practically at a moment’s notice.
Although this flexibility allows for heightened levels of agility, as evidenced by the application container craze that has gripped the enterprise developer scene, and enables organizations to adapt faster to changing conditions, it comes at a cost.
“An elastic environment expands and contracts based on the load on the servers. This means that vulnerabilities may be present without running on a processor at a given time,” Renaud Deraison, Tenable’s CTO and co-founder, told eSecurity Planet. “The move towards an elastic attack surface makes it extremely difficult to assess the cybersecurity risk of the enterprise and leaves organizations vulnerable.”
His company’s new solution, dubbed Tenable.io, addresses many of the shortcomings of traditional scanning and vulnerability management tools, including relying on IP addresses to identify IT assets. “In a world of containers and public cloud, assets need to be identified as such and not by their presence on the network at a given point in time,” Deraison said.
Instead, Tenable uses an asset fingerprinting algorithm to sniff out dynamic, sometimes short-lived assets like cloud instances, virtual machines and even laptops. Employing the company’s Nessus technology, the solution uses active vulnerability scanning and passive traffic listening to detect holes in a network’s defenses.
“Tenable.io was made for modern IT environments, which typically contain a mix of servers living in a datacenter, in a private and in a public cloud. It delivers visibility and insight into all IT assets through an open and elastic platform,” added Deraison.
The platform uses asset-based elastic licensing that assigns a license for every asset, even if it uses multiple IP addresses. In keeping with the elastic nature of the technology, Tenable permits scanning if customers briefly exceed license counts and automatically recovers licenses for one-time scans or rarely-scanned assets.
Tenable.io also integrates with leading enterprise security management solutions. Members of the Tenable Technology Integration Partner (TIP) program include BMC Software, CyberArk, ForeScout and IBM Security, all of which are working on integrating with the new solution.
And in early 2017, Tenable is extending the platform to cover web applications and the technology that has taken the DevOps community by storm: containers.
“Tenable.io expands vulnerability management to containers, bringing security into the container build process from the very start,” said Deraison. “This allows teams to continuously assess images for vulnerabilities and malware before deploying the containers into production, without slowing innovation cycles.”