Story image

Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach

18 Apr 2019

Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.

The solution claims that helps organisations reduce their business risk by focusing on the top 3% of security vulnerabilities that are most likely to be exploited.

The entire process of prioritising vulnerabilities with the Common Vulnerability Scoring System, otherwise known as CVSS, is often limited. The majority of vulnerabilities rated by the system are ‘high’ or ‘critical’, which can lead to an overload of high-priority vulnerabilities – a challenge for security teams.

Additionally, according to the National Vulnerability Database there were 16,500 new vulnerabilities disclosed in 2018 alone. Only a small subset had a public exploit available and even fewer were actually leveraged by attackers.

Tenable decided to take a different approach to vulnerability prioritisation. Predictive Prioritisation addresses this industry-wide problem by re-prioritising vulnerabilities based on the probability they will be leveraged in an attack. 

''The release of Predictive Prioritisation across Tenable's Cyber Exposure platform is the latest phase of our mission to redefine vulnerability management for the digital era. We're helping customers solve one of the most difficult challenges in the industry today,'' says Tenable’s cofounder and chief technology officer, Renaud Deraison.

“Predictive prioritisation flips the advantage back to cyber defenders by telling them where they're exposed, to what extent and which vulnerabilities to focus on first. These are all critical components of an effective Cyber Exposure strategy.''

Tenable.io now automatically displays a Vulnerability Priority Rating (VPR) that indicates the remediation priority of each flaw, along with VPR Key Drivers, which provide enhanced context into how scores are calculated. Both features are dynamic and change with the threat landscape, arming security teams with actionable insight into their true level of business risk.

This latest release follows the general availability of Predictive Prioritisation in Tenable.sc (formerly SecurityCenter), making Tenable's Cyber Exposure platform the only one to provide predictive capabilities for on-premises and cloud deployments.

Tenable was recently named a March 2019 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment (VA). 

“Thank you to all the customers who took the time to share their experiences working with Tenable, and for trusting us to help them accelerate their Cyber Exposure journeys to reduce their cybersecurity risk,” says Tenable cofounder Jack Huffard.

“At Tenable, our customers are at the heart of what we do, so we’re delighted to be recognised as a Customers’ Choice.”

Exploring the different needs for cloud services across Europe
Although digital transformation is happening across Europe, each country continues to have its own IT needs and the different cloud markets highlight this.
Ping Identity offerings accelerates cloud MFA and SSO adoption
90% of respondents trust MFA as an effective security control to protect identity data in public clouds, yet only 60% of organisations have formally adopted it.
Trend Micro introduces cloud and container workload security offering
Container security capabilities added to Trend Micro Deep Security have elevated protection across the DevOps lifecycle and runtime stack.
Veeam joins the ranks of $1bil-revenue software companies
It’s also marked a milestone of 350,000 customers and outlined how it will begin the next stage of its growth.
Veeam enables secondary storage solutions with technology partner program
Veeam has worked with its strategic technology alliance partners to provide flexible deployment options for customers that have continually led to tighter levels of integration.
Veeam Availability Orchestrator update aims to democratise DR
The ability to automatically test, document and reliably recover entire sites, as well as individual workloads from backups in a completely orchestrated way lowers the total cost of ownership (TCO) of DR.
EXCLUSIVE: Forcepoint global channel chief talks strategy
As a solution sold 100% via the channel, cybersecurity solutions company Forcepoint places a strong emphasis on its partner relationships.
Salesforce continues to stumble after critical outage
“To all of our Salesforce customers, please be aware that we are experiencing a major issue with our service and apologise for the impact it is having on you."