Tenable Extends Cloud Application Security Scanning Capabilities

Tenable is updating its cloud-delivered services capabilities, adding new connectors to support GCP and Azure, while also advancing web application discovery features.

tenable io

Tenable announced on June 5 that it is enhancing its Tenable.io cloud-based cyber-exposure platform with new capabilities to help enterprises identify and assess threats.

With the update, Tenable now enables organizations to automatically identify and track assets in Google Cloud Platform (GCP) and Microsoft Azure, in addition to Amazon Web Services (AWS), which was already supported. Tenable's software-as-a-service (SaaS) offering now also provides automatic security scanning for running containers in production environments. In addition, the platform now benefits from improved web application discovery capabilities to help organizations identify both known and unknown applications.

"Prior to today's announcement, customers had to manually input the web application fully qualified domain name or IP address as part of the scan setup," Michael Applebaum, vice president of product marketing at Tenable, told eWEEK. "In other words, security teams needed to already know that the web application existed to run the security scan, which is a typical requirement—and challenge—in the web application security space."

The new web application scanning capability in Tenable's SaaS platform allows security teams to input lists of IP ranges and scan for HTTP ports to automatically discover web applications, Applebaum said.

The Tenable.io  SaaS platform was first announced in January 2017, and Tenable has steadily improved it with new capabilities ever since. With the SaaS platform, Tenable provides its customers with a platform for enabling multiple types of security services, including application discovery and vulnerability management. Among the most recent additions is the Lumin cyber-exposure benchmarking feature, which was announced on March 8.

"Tenable.io has experienced rapid adoption since its release in January 2017, from small and medium businesses to large enterprises and government agencies, because of its manageability, modern user experience and scalability," Applebaum said. "The market has also responded well to the platform's support for modern assets including cloud workloads, containers and web apps, as well as operational technologies and its flexible asset licensing model."

Container Security

Part of the new update for Tenable.io is the addition of container runtime scanning capabilities. Applebaum explained that new container capabilities provide visibility into the security posture of running containers. He said that Tenable.io can now enable administrators to access important container operational data such as host IP, container open ports, container uptime, and when containers were first and last seen. 

"With container runtime scanning, the product can also automatically detect new container images running in production that have not yet been tested for vulnerabilities and malware," Applebaum said. "Organizations now also have the ability to detect whether containers have changed during runtime and gain specific details on any packages that were added, updated or removed." 

The goal with the new container capabilities is to reduce any security blind spots after containers have been deployed into production, according to Applebaum. Overall, Tenable's focus is on helping organizations understand and reduce cyber-risk, he said.

"Our product road map includes new capabilities and enhancements that will help us do just that as we continue to pioneer new innovations that help defenders turn the tide on attackers," Applebaum said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.