Key Benefits Tenable Research

The SecurityCenter platform provides the most comprehensive and integrated view of enterprise security posture to reduce KEY BENEFITS business risk and ensure compliance.

NEXT-GENERATION • Identify weaknesses by scanning traditional assets for known vulnerabilities, misconfigurations and malware VULNERABILITY ANALYTICS

• Assess how well patch management is working SOLUTION based on vulnerability trends over time

SecurityCenter® is a comprehensive vulnerability analytics • solution that provides complete visibility into the security Rapidly respond to changes with configurable alerts, notifications and automated actions and compliance posture of your distributed and complex IT infrastructure. SecurityCenter does this through advanced • Measure security posture based on security policies analytics, customizable dashboards/reports and workflows that aligned with high-level business objectives to identify weaknesses on your traditional IT assets, by identifying all vulnerabilities, misconfigurations and malware on • Streamline compliance for the widest range of them. regulatory/IT standards and best practices

SecurityCenter’s vulnerability analytics engine evaluates the vulnerability data gathered across multiple Nessus® scanners distributed across your enterprise, illustrates vulnerability trends over time and assesses risk to prioritize the actions TENABLE RESEARCH needed. Finally, SecurityCenter includes a configurable workflow engine that helps your security team speed up response and The Tenable Research team provides frequent updates of remediation, to reduce overall risk and streamline compliance. vulnerability and threat intelligence, advanced analytics, security/compliance policies, dashboards, reports and SecurityCenter includes Assurance Report Cards® (ARCs), which Assurance Report Cards to all SecurityCenter customers. This enable you to continuously measure, analyze and visualize the out-of-the box content is based on industry and customer best effectiveness of your security program, based on high-level practices gathered by Tenable, putting the power of our security business objectives and underlying customizable policies that research team at your disposal. This content is part of the CISOs and executives care about. SecurityCenter subscription.

KEY FEATURES • Assurance Report Cards: continuously measure the effectiveness of customer-defined security policies based on high-level business objectives to identify and close potential gaps.

• Highly customizable dashboards/reports: new HTML5- based user interface to satisfy specific needs of CISOs, security management, analysts and practitioners/operators.

• Broad asset coverage: assess servers, endpoints, network devices, operating systems, databases and applications in physical, virtual and cloud infrastructures.

• Dynamic asset classification: group assets based on policies that meet specific criteria; e.g., Windows 7 assets with vulnerabilities > 30 days old. SecurityCenter provides highly customizable vulnerability • Vulnerability management: multiple scanning options, analytics, trending, reporting and workflows to suit the including non-credentialed and credentialed scanning for needs of your security program deep analysis and configuration auditing. • Agent-based scanning: available for organizations to more easily scan mobile and hard to reach assets.

COPYRIGHT 2018 TENABLE, INC. ALL RIGHTS RESERVED. TENABLE NETWORK SECURITY, NESSUS, SECURITYCENTER, SECURITYCENTER CONTINUOUS VIEW AND LOG CORRELATION ENGINE ARE REGISTERED TRADEMARKS OF TENABLE, INC. TENABLE, TENABLE.IO, ASSURE, AND THE CYBER EXPOSURE COMPANY ARE TRADEMARKS OF TENABLE, INC. ALL OTHER PRODUCTS OR SERVICES ARE TRADEMARKS OF THEIR RESPECTIVE OWNERS.

• Managed security posture: scan hosts, virtual, mobile and • Integrations: use out-of-box integrations with patch security devices for vulnerabilities, misconfigurations and management, mobile device management, threat intelligence malware using customizable schedules and black-out and other third-party products, or use SecurityCenter APIs to windows. develop custom integrations.

• Cumulative scan results: consolidate data from multiple • Streamlined compliance: pre-defined checks for industry on premises Nessus scanners and provide remediation standards and regulatory mandates, such as CERT, DISA STIG, trending information. DHS CDM, FISMA, SCADA, PCI DSS, HIPAA/HITECH and more.

• Advanced analytics/trending: provide contextual insight

and actionable information to prioritize security issues SECURITYCENTER EDITIONS associated with security posture of all enterprise assets. SecurityCenter • Incident Response/Workflows: configurable workflows and SecurityCenter is the next-generation vulnerability analytics alerts for administrators to take manual actions via emails, solution that includes multiple Nessus scanners, the world’s notifications, trouble tickets or take automated actions. most widely deployed vulnerability scanner. It provides the most comprehensive visibility into the security posture of • Tiered management model: support for organizations that their distributed and complex IT infrastructure. distribute responsibilities across multiple geographies and

teams using role-based access control. SecurityCenter Continuous View™ • Automated load balancing: optimize (parallelize) scan cycles SecurityCenter Continuous View is the market-leading in distributed environments. continuous network monitoring platform. It integrates SecurityCenter along with multiple Nessus Network Monitor sensors and Log Correlation Engine® (LCE®) to provide comprehensive continuous network monitoring.

Capabilities SecurityCenter SecurityCenter CV™

Centralized vulnerability management with multiple scanners ◻ ◻

Dynamic asset classification (mail server, web server, etc.) ◻ ◻

Policy-based configuration auditing ◻ ◻

Malware detection with built-in threat Intelligence ◻ ◻

Pre-defined dashboards/reports with automatic feeds from Tenable ◻ ◻

Incident response with configurable alerts, notifications, ticketing ◻ ◻

Assurance Report Cards (ARCs) ◻ ◻

Continuous asset discovery (virtual, mobile, cloud) ◻

Passive vulnerability detection of new and “unsafe-to-scan” assets ◻

Real-time detection of botnet and command & control traffic ◻

Anomaly detection using statistical/behavioral techniques ◻

Streamlined compliance with proactive alerts on violations ◻

For More Information: Please visit tenable.com | Contact Us: Please email us at [email protected]/contact or visit tenable.com/contact

“It’s a home-run with an all-in-one Tenable solution that enables SecurityCenter CV includes Assurance Report Cards® (ARCs), me to prioritize security risks and assess security posture of my which enable you to continuously measure, analyze and visualize enterprise based on business objectives at any time.” the effectiveness of your security program, based on high-level business objectives and underlying customizable policies that - Healthcare Service Provider CISOs and executives care about. MARKET-LEADING TENABLE RESEARCH CONTINUOUS NETWORK The Tenable Research team provides frequent updates of MONITORING SOLUTION vulnerability and threat intelligence, advanced analytics, security/compliance policies, dashboards/reports and Changing IT landscapes (virtual, mobile, cloud services) and Assurance Report Cards to all SecurityCenter CV customers. This evolving cyber threats have made periodic scanning and out-of-the box content is based on industry and customer best compliance audits insufficient to protect businesses against practices gathered by Tenable, putting the power of our security modern cyberattacks. Continuous network monitoring is a new research team at your disposal. This content is part of the approach to strengthening your enterprise security and SecurityCenter CV subscription. compliance posture on a continuous basis, providing assurance that your IT security investments are configured and operating KEY BENEFITS correctly and delivering timely and actionable insight into the most important security risks that impact your business.

• Always know when new or changed assets alter your SecurityCenter Continuous View® (SecurityCenter CV™) is the attack surface market-leading continuous network monitoring solution that provides total visibility of your security and compliance posture • Gain broad visibility across your IT infrastructure, across your IT infrastructure, actionable insight into including endpoints, servers, databases, mobile prioritized weaknesses and continuous assurance that security devices, domain controllers, network devices, virtual and compliance are aligned with organizational goals. It is the only solution that brings together discovery of on premises and applications and the cloud cloud-based assets, active and passive vulnerability assessment, • configuration auditing, change detection, malware detection, See what others miss with visibility into transient, threat intelligence and analysis of network and user activity. difficult to reach and unsafe to scan systems

• Discover detailed insights with automated analysis of vulnerability and configuration data that is enhanced with patching status, known exploits, threat intelligence and knowledge of suspicious network traffic and user behavior

• Focus on what matters by quickly identifying exploitable weaknesses

• Communicate security posture using Assurance Report Cards

• Document compliance with industry standards and regulations

Highly customizable dashboards, reports, workflows and security policies to suit your specific business needs

KEY FEATURES

• Assurance Report Cards: continuously measure the THE SECURITYCENTER CV effectiveness of customer-defined security and compliance policies based on business objectives to identify and close ADVANTAGE potential gaps. Customers choose SecurityCenter CV because it • Highly customizable dashboards/reports: HTML-5 based user helps them: interface satisfies the specific needs of CISOs, security management, analysts and practitioners/operators. • Eliminate blind spots resulting from unmanaged • Broad asset coverage: assess servers, endpoints, network assets and weaknesses that increase your risk devices, operating systems, databases and applications in profile and are often the root of security issues. physical, virtual and cloud infrastructures. • Increase efficiency informed by complete context to • Continuous asset discovery: discover all mobile devices, quickly understand and prioritize weaknesses. physical, virtual and cloud instances on the network, including unauthorized assets. • Assure security and prove compliance to all • Dynamic asset classification: group assets based on policies stakeholders using specific metrics that clearly that meet specific criteria: e.g., Windows 7 assets with communicate status. vulnerabilities > 30 days old.

• Vulnerability management: multiple scanning options, including passive network monitoring, non-credentialed and credentialed scanning for deep analysis and configuration

auditing. SECURITYCENTER EDITIONS

• Agent-based scanning: available for organizations to more SecurityCenter easily scan mobile and hard to reach assets. SecurityCenter® is the next-generation vulnerability analytics • Malware detection: leverage built-in threat intelligence feeds solution that includes multiple Nessus® scanners, the world’s (malware indicators, blacklists) to identify advanced malware. most widely deployed vulnerability scanner. It provides the most comprehensive visibility into the security posture of their • Assess network health: continuously monitor network traffic distributed and complex IT infrastructure. looking for suspicious traffic to/from vulnerable systems/ services, unknown devices, botnets, command/control servers. SecurityCenter Continuous View • Anomaly detection: use statistical and anomalous SecurityCenter Continuous View is the market-leading behavior analysis techniques on external log sources, continuous network monitoring platform. It integrates to automatically discover activity that deviates from SecurityCenter along with multiple Nessus Network Monitor the baseline. sensors and Log Correlation Engine® (LCE®) to provide comprehensive continuous network monitoring. • Advanced analytics/trending: provide contextual insight and actionable information to prioritize security issues associated with security posture of all enterprise assets.

• Notification: configurable alerts for administrators to take For More Information: Please visit tenable.com manual actions via emails, notifications, trouble tickets or to Contact Us: Please email us at [email protected] or visit tenable.com/contact take automated actions via APIs.

• Streamlined compliance: pre-defined checks for industry standards and regulatory mandates, such as CERT, DISA STIG, DHS CDM, FISMA, PCI DSS, HIPAA/HITECH and more.

• Integrations: use out-of-box integrations with patch management, mobile device management, threat intelligence and other third-party products, or use SecurityCenter APIs to develop custom integrations.