Network security company Tenable Inc. today announced a number of new features, including new cloud scanning capabilities and measurement features designed to provide improved cloud security .
Frictionless Assessment offers what Tenable says is a new approach to vulnerability management for modern assets. The service leverages native technologies deployed as part of the cloud asset to assess instances continuously for vulnerabilities. Designed to harness the benefits of cloud-first environments without vulnerability management programs that require period scans or agent-based approaches, the new service allows customers to evaluate cloud assets without interruption, quickly detecting new vulnerabilities as their environment changes without intervention.
Initially launching on Amazon Web Services Inc., Frictionless Assessment uses AWS Systems Manager Run Command to maintain, update and reassess cloud instances without interruption, achieving and maintaining what Tenable says is accurate visibility into cybersecurity risks across all cloud-based assets.
Tenable Lumin, Tenable’s cyber exposure visualization, analytics and measurement solution, is also getting a number of upgrades designed to allow organizations to predict which vulnerabilities pose the greatest risk to their business. Using machine learning, the enhanced version of Lumin allows security teams to also measure how quickly and efficiently they remediate vulnerabilities.
The updated version of Tenable Lumin has several parts, starting with remediation maturity to help security teams not only measure their speed and efficiency of remediating vulnerabilities but also compare them to external peers and Tenable best practices. Remediation maturity is available to existing Lumin customers now.
A new mitigations function is designed to evaluate a security team’s response to critical risks when timely remediation isn’t possible. It provides an inventory of endpoint security controls for a more complete and accurate picture of an organization’s cyber exposure. That capability will be available in the fourth quarter.
Predictive scoring, also available in the fourth quarter, is said to deliver more accurate and comprehensive insight into an organization’s overall cyber exposure. The method infers the exposure scores of groups of assets before they have been assessed in detail.