itb-nz logo
Story image

Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach

18 Apr 2019

Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.

The solution claims that helps organisations reduce their business risk by focusing on the top 3% of security vulnerabilities that are most likely to be exploited.

The entire process of prioritising vulnerabilities with the Common Vulnerability Scoring System, otherwise known as CVSS, is often limited. The majority of vulnerabilities rated by the system are ‘high’ or ‘critical’, which can lead to an overload of high-priority vulnerabilities – a challenge for security teams.

Additionally, according to the National Vulnerability Database there were 16,500 new vulnerabilities disclosed in 2018 alone. Only a small subset had a public exploit available and even fewer were actually leveraged by attackers.

Tenable decided to take a different approach to vulnerability prioritisation. Predictive Prioritisation addresses this industry-wide problem by re-prioritising vulnerabilities based on the probability they will be leveraged in an attack. 

''The release of Predictive Prioritisation across Tenable's Cyber Exposure platform is the latest phase of our mission to redefine vulnerability management for the digital era. We're helping customers solve one of the most difficult challenges in the industry today,'' says Tenable’s cofounder and chief technology officer, Renaud Deraison.

“Predictive prioritisation flips the advantage back to cyber defenders by telling them where they're exposed, to what extent and which vulnerabilities to focus on first. These are all critical components of an effective Cyber Exposure strategy.''

Tenable.io now automatically displays a Vulnerability Priority Rating (VPR) that indicates the remediation priority of each flaw, along with VPR Key Drivers, which provide enhanced context into how scores are calculated. Both features are dynamic and change with the threat landscape, arming security teams with actionable insight into their true level of business risk.

This latest release follows the general availability of Predictive Prioritisation in Tenable.sc (formerly SecurityCenter), making Tenable's Cyber Exposure platform the only one to provide predictive capabilities for on-premises and cloud deployments.

Tenable was recently named a March 2019 Gartner Peer Insights Customers’ Choice for Vulnerability Assessment (VA). 

“Thank you to all the customers who took the time to share their experiences working with Tenable, and for trusting us to help them accelerate their Cyber Exposure journeys to reduce their cybersecurity risk,” says Tenable cofounder Jack Huffard.

“At Tenable, our customers are at the heart of what we do, so we’re delighted to be recognised as a Customers’ Choice.”

Story image
Will a vaccine passport help international flights take off?
Immunity credentials could mean that both international and domestic carriers could start flying with greater confidence — and the world could get moving again.More
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More
Story image
Video: 10 Minute IT Jams - Who is ActiveCampaign?
In this interview, Techday speaks to ActiveCampaign founder and CEO Jason VandeBoom, who discusses the ins and outs of the customer experience automation.More
Story image
Why better API monitoring is critical for achieving quality customer service
To optimise the complete service delivery and maintain an excellent digital experience, it’s essential to consider how the APIs perform, writes ThousandEyes principal solutions analyst ANZ Mike Hicks.More
Story image
How multi-cloud visibility ensures business continuity
One of the most common applications and use cases that we’ve seen for this capability is tracking the status of SSL/TLS certificates on the thousands of application and communication servers that make up an enterprise network.More
Story image
Why a more secure organisation is a collective responsibility
With vast volumes of data moving to the cloud, many IT professionals are frequently challenged to protect their enterprise environment, and there is a greater focus being placed on advancing cybersecurity strategies.More