Are We Exposed? Quickly Identify New Threats

| SOLUTION STORIES

Are We Exposed? Quickly identify new threats. Respond effectively.

Do you dread seeing your CEO or auditor when a new security threat or vulnerability makes the news? You know their first question will be, “Are we exposed?,” which means you’re going to SecurityCenter Continuous View™ spend the rest of your week running scans to come up with the answer. And that is just the first of many steps you need to take to reduce your risk. Prioritizing remediation and making fixes Exposure Response Capabilities across endpoints typically takes even more time; the longer it takes to answer the question, the • Active Scanning – Periodically examining longer your organization is exposed. assets to identify vulnerabilities • Agent Scanning – Instantly examine assets New threats are constantly emerging and changes to the IT environment – including new without the need for credentials endpoints with the proliferation of mobile devices and BYOD policies – make it difficult to understand where you are exposed. So you need a new way to immediately answer • Intelligent Connectors – Leveraging other the questions, “Are we exposed?” and “Where are we exposed,” so your organization can systems of record and integrations for respond more effectively. data, context and analysis • Passive Listening – Monitoring network Greater Visibility traffic in real-time provides information Traditionally, IT security and compliance scanning was something you may have done on which assets are connected to the occasionally, perhaps a few times per year or once every quarter or month to identify possible network and how they are communicating security issues, such as malware, misconfigurations or vulnerabilities. When a new threat or • Host Data – Actively monitoring host vulnerability was identified, you would need to dig through archive scan data to determine your activities and events in real time, exposure. For example, with major vulnerabilities like Shellshock, Heartbleed or POODLE, you’d including who is accessing them and need to know which systems were running an affected operating system but that data would what is changing only be accurate as of the date of your last scan. If it was performed last month or quarter, the data would likely be out-of-date. Getting full visibility would require a new scan, which would require time and resources to run.

Today, we can collect data continuously for greater visibility across all devices and environments. Adding agents, intelligent connectors to mobile and cloud services, passive listening of network traffic, and host data to your arsenal can move your organization from having point-in-time data to having continuous visibility into your IT environment. It also expands your capabilities to identify issues across endpoints, not only to malware, vulnerabilities and misconfigurations, but to identify anomalous and suspicious behaviors that need attention. And that can give you the ability to immediately answer the question, “Are we exposed?” and take the action you need to reduce risk.

With passive listening and host data, Tenable gives you a near real-time view of your environment and the ability to quickly identify new threats and respond effectively. | SOLUTION STORIES

Exposure Response with SecurityCenter Continuous View SecurityCenter Continuous View (CV) uses a diverse array of sensors to ensure comprehensive coverage of your network and all of your assets in near real-time. Tenable unifies data across the organization, using sources such as agent data, network traffic, virtual systems, mobile device management, patch management, host activity and monitoring, as well as external sources of threat intelligence to feed our intelligent monitoring system.

SecurityCenter CV thoroughly analyzes asset state with active and/or agent scanning to identify vulnerabilities, misconfigurations, malware and other weaknesses. Network traffic and event monitoring identify new or never-before-seen devices, applications, ports, services, or Discovery dashboards, such as this one for the Badlock vulnerability, help processes. SecurityCenter CV also delivers zero-touch assessment you identify hosts and vulnerabilities and prioritize remediation. and monitoring across potentially fragile operational technology (OT), like medical devices, building management systems and industrial Timely and Effective Response control systems, including SCADA devices. Maximize Your Resources This continuous monitoring of the state of networks is essential for Every security team has limited resources. That’s why it’s critical, making informed security decisions about exposure or potential especially when faced with exposure to a major vulnerability or threat, exposure to threats and vulnerabilities. to take the , to take the right action without wasting valuable time and resources. By providing near real-time data into your exposure across Make Sense of Data with all of your assets and environments, and the context and the context Critical Context to interpret that data, SecurityCenter Continuous View delivers the insight to ensure your response to the question, “Are we exposed?” is Getting data about exposures across endpoints is the first step. Once not only timely, but accurate as well. you have it, it is crucial to be able to make sense of it. To do this, SecurityCenter Continuous View provides dashboards and reports to enable you to quickly and accurately interpret the data collected. A library of curated dashboards is available from the Tenable Research About Tenable Team, who deliver new dashboards when new threats emerge. This Tenable Network Security transforms security technology for the team of security professionals constantly monitors a variety of threat business needs of tomorrow through comprehensive solutions that intelligence sources and correlates industry trends, emerging threats provide continuous visibility and critical context, enabling decisive and common frameworks on your behalf. This intelligence helps you actions to protect your organization. Tenable eliminates blind spots, automatically know — based on your current data set — if you are prioritizes threats, and reduces exposure and loss. With more than one exposed so you can address high-priority issues quickly. million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable’s customers range from Fortune Global 500 companies, to the U.S. Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com.

For More Information: Please visit tenable.com Contact Us: Please email us at [email protected] or visit tenable.com/contact Copyright © 2016. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. SecurityCenter Continuous View and Passive Vulnerability Scanner are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners. EN-JUN082016-V3