Cyber Exposure Technology Ecosystem

Together, Tenable and ServiceNow Security Operations bring common visibility to organizations by automatically discovering IT, Cloud and IoT assets, continually assessing these systems for vulnerabilities, linking vulnerabilities with the asset’s business criticality, and prioritizing issues based on this data to accelerate remediation. Joint customers can run automated workflows to solve their most vulnerable items first, saving time and reducing potential exposure related to the vulnerability. In addition, the integration can trigger an automatic re-assessment of the asset to provide validation that the issues were sufficiently resolved, creating a complete, closed-loop remediation process.

The AWS Connector for Tenable.io automatically and continuously discovers and tracks asset changes in AWS cloud environments to ensure all instances are known and assessed for exposure with every change. With the life of cloud workloads commonly measured in hours, the AWS Connector solves a key challenge of achieving accurate visibility into cyber risk by creating a consolidated view of all on-prem and cloud-based assets. This empowers security teams to manage Cyber Exposure across the entire modern attack surface with a complete picture.

The APCON IntellaStore platform provides data aggregation, capture, storage and onboard applications all in one box. IntellaStore captures all traffic of interest from anywhere in the network and provides full packet visibility to the Nessus Network Monitor running directly on the IntellaStore. The ability to have Nessus Network Monitor running on the same box that is tapping the data means data can be analyzed from one spot and threats can be identified faster.

Automatically export Tenable vulnerability and compliance violation findings into the BMC SecOps Response Service to accelerate incident response.

Integration with Cisco Identity Services Engine (ISE) leverages Tenable vulnerability and compliance violation findings to trigger rule-based Network Access Control to remediate vulnerable systems.

Tenable integration with CyberArk Application Identity Manager™ simplifies privileged access to hosts for more accurate and faster vulnerability assessment.

CYBRIC fuels innovation by seamlessly embedding security into the development lifecycle. CYBRIC is the first to orchestrate and automate all code and application security testing. The company’s Continuous Application Security Platform seamlessly integrates security into the development process, delivering frictionless security assurance from code commit to application delivery.

Tenable solutions integrate with Dell KACE systems management appliances to identify missing patches on vulnerable systems, identify unmanaged systems that are vulnerable and require patching, and extend scanning to cover systems that cannot be directly scanned. Tenable can also audit systems running the Dell Force10 FTOS system.

Integration with ForeScout CounterAct® allows the product to notify Tenable when new systems join the network, triggering immediate vulnerability assessment of newly detected devices and the ability to execute protective actions on vulnerable systems.

By deploying Gigamon and Tenable solutions together, organizations that have encrypted traffic in their environments can regain visibility into what devices are connecting to their environment and continuously monitor network traffic to identify vulnerabilities and risk.

Automatically export Tenable vulnerability and compliance findings into IBM QRadar and import QRadar alerts into Tenable to trigger on-demand scans to correlate vulnerable systems with SIEM alert activity for greater analysis accuracy and issue prioritization.

Integration with Infoblox IP Address Management allows the product to trigger immediate vulnerability assessment via Tenable when new systems join the network or during incident response to identify compromised systems.

Kenna (formerly Risk I/O) takes in vulnerability scan results from Nessus to correlate with other assessment information to help customers prioritize issues.

LogRhythm empowers organizations on six continents to rapidly detect, respond to and neutralize damaging cyberthreats. The LogRhythm platform unifies leading-edge data lake technology, artificial intelligence, security analytics and security automation and orchestration in a single end-to-end solution. LogRhythm serves as the foundation for the AI-enabled security operations center, helping customers secure their cloud, physical and virtual infrastructures for both IT and OT environments. Among other accolades, LogRhythm is positioned as a Leader in Gartner’s SIEM Magic Quadrant.

Automatic exporting of Tenable vulnerability and configuration data into McAfee ePolicy Orchestrator™ (ePO) increases visibility and enriches context around the security posture of McAfee managed endpoints.

Automatically export Tenable vulnerability and compliance violation findings into ArcSight and correlate vulnerable systems with SIEM alert activity for greater analysis accuracy and issue prioritization.

Tenable integrates with Microsoft WSUS and SCCM to identify mobile devices and associated vulnerabilities. In addition, Tenable scans Microsoft operating systems, applications and databases for vulnerabilities, audits for hardening guidelines and audits for compliance, and identifies malicious processes and malware targeting Microsoft systems and applications. Finally, Tenable also integrates with Microsoft Exchange (ActiveSync) MDM to discover, audit security settings and identify vulnerabilities on mobile devices. Tenable also detects and audits Microsoft Azure cloud services to identify misconfigurations and identify entry points for attackers.

Tenable integrates with Red Hat Satellite to correlate patch status reported by Red Hat with the results of Tenable’s vulnerability scanning. By correlating patching with scan results, organizations can identify inconsistencies in their patching programs.

RedLock® enables effective, comprehensive threat defense across Amazon Web Services, Microsoft Azure, and Google Cloud public cloud environments. The RedLock Cloud 360™ platform takes a new, AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations, host and container vulnerabilities, and threat intelligence, to provide a holistic view of risks across fragmented cloud environments. With RedLock, organizations can ensure compliance, govern security, and enable security operations across public cloud computing environments from a single pane of glass.

Automatically export Tenable vulnerability and compliance violation findings into the RedSeal cybersecurity analytics platform to correlate vulnerable system data with RedSeal access path data for issue remediation prioritization.

Export Tenable vulnerability and compliance violation findings to RSA Archer® GRC to aggregate vulnerable system data with additional IT controls data for a consolidated view of IT risk.

Tenable and Siemens have formed a strategic partnership to help energy, utilities and oil and gas companies with a new solution for industrial asset discovery and vulnerability management. ‘Industrial Security’ from Tenable provides safe, reliable asset discovery and vulnerability detection purpose-built for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. Using passive network monitoring based on Tenable’s Nessus Network Monitor, designed for critical systems which require a non-intrusive approach to vulnerability detection, the OT-native solution helps identify and prioritize OT risks so organizations can keep safety-critical production assets secure and fully functional. Delivered by Siemens as a security service, ‘Industrial Security’ helps customers understand the state of their assets at all times, providing them with the information they need to quickly and confidently assess, understand and ultimately reduce their cybersecurity risk.

Siemplify provides a holistic Security Operations Platform that empowers security analysts to work smarter and respond faster. Siemplify uniquely combines security orchestration and automation with patented contextual investigation and case management to deliver intuitive, consistent and measurable security operations processes. Leading enterprises and MSSPs leverage Siemplify as their SOC Workbench, tripling analyst productivity by automating repetitive tasks and bringing together disparate security technologies.

Splunk® Enterprise automatically collects Tenable vulnerability and configuration issues, correlating vulnerable systems with SIEM alert activity to help validate threats. The Tenable application is Common Information Model (CIM) compatible for easy use with other Splunk apps.

Tenable integrates with Symantec Altiris to correlate patch status reported by Symantec with the results of Tenable’s vulnerability scanning. By correlating patching with scan results, organizations can identify inconsistencies in their patching programs.

ThreatConnect provides threat intelligence data that helps identify malware and malicious behavior. Tenable solutions can use this data to identify malicious communications and compromised hosts as well as help prioritize vulnerability scan results and response.

Integration with Thycotic Secret Server simplifies privileged system access to hosts for more accurate and faster vulnerability assessment.