Tenable Broadens Availability of PVS Network Scanning Tool

Company officials said the move was done to help more organizations deal with security concerns connected to BYOD and virtualization.

Tenable Network Security is releasing a stand-alone version of its real-time networking monitoring technology to help organizations deal with the security concerns arising from such trends as bring-your-own-device and virtualization.

Tenable at the end of the month will make its Passive Vulnerability Scanner (PVS), which until now had been available to customers using Tenable's SecurityCenter and SecurityCenter Continuous View offerings, available to any business. Company officials made the announcement July 30 at the Black Hat 2013 security conference.

The move comes at a time when corporate networks are increasingly seeing more applications crossing the infrastructure and more devices—from notebooks to smartphones to tablets—connecting to the network. The bring-your-own-device (BYOD) trend, with employees tapping into the network with their own computing devices, promises greater productivity and lower operating and capital costs for businesses, but also creates more management and security headaches for IT staff.

Such trends are forcing businesses to increase the amount of scanning they do of their networks, according to Tenable CEO Ron Gula.

"As innovations such as BYOD and virtualization gain traction within the organization, more and more transient devices are being brought into the organization and onto corporate networks," Gula said in a statement. "If a company is only scanning for these devices monthly, they do not have an accurate picture of their network weakness."

BYOD has been on the rise since the first Apple iPhone was introduced in 2007, and gained steam when the iPad tablet hit the market in 2010. Employees are balking at the idea of using company-issued technology, preferring to use their own devices for work. Organizations are looking to institute BYOD policies that enable workers to use whatever device they want while protecting corporate data and networks from unauthorized intrusions.

The situation has created tension. According to a survey of 700 IT decision makers by managed cloud services provider NaviSite released in July, 80 percent of respondents said that BYOD has become the norm in business, but only 45 percent said they have a formal BYOD policy in their workplace.

About 68 percent said they were concerned about security enterprise data on employees' mobile devices.

Tenable's PVS is designed to complement the company's Nessus active scanning products. The technology constantly scans networks at the packet layer, detecting everything from applications and services to protocols and hosts that may not always be found or present at the time of active scanning, according to the company. It's designed to pick up on security vulnerabilities, suspicious network relationships and compliance violations. In BYOD environments, it monitors IPv4 and IPv6 network traffic to find devices connecting to the network and assessing their vulnerabilities.

It also evaluates data crossing the network that might be sensitive, such as social security numbers and credit card information.

"A hacker only needs one pathway into your network," Gula said. "Not knowing what an unmanaged device is doing on your network is a security blind spot."

The standalone PVS offering will be available at the end of August through the company's partners and its e-commerce store.