Bye-bye Nessus Cloud, hello Tenable.io. Tenable Network Security has announced today a new cloud platform – Tenable.io. Let’s see what it’s all about.
Applications
As you can see on this figure there will be three applications available for the platform: familiar Vulnerability Management (the new name of Nessus Cloud), new Container Security (Tenable bought FlawCheck service last October) and the long-awaited Web Application Security (not available yet).
It’s not clear yet how closely these services will be integrated with each other. But now even trial versions of Container Security and Vulnerability Management should be requested separately.
Container Security
As I understand it correctly, Container Security is a service where you can constantly upload container images, and the output to get the list of vulnerabilities and other problems of these images:
Tenable.io Container Security stores container images and scans them as they’re built, before they can reach production. It provides vulnerability and malware detection, along with continuous monitoring of container images. By integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images, Tenable.io Container Security ensures every container reaching production is secure and compliant with enterprise policy.
Combination of Container Security static analysis of the image with Nessus dynamic analysis of some host, based on the same image, might be potentially very interesting for the users who use Docker a lot.
Web Application Security
There is no information about Tenable Web Application Security yet, and we are really waiting for it. After all, Tenable is last big VM vendor that does not have fully functional WAS: both Rapid7 and Qualys already provide it for a long time.
Vulnerability Management
The main part of the Tenable.io platform for today is Vulnerability Management. As you can see on the diagram it will use not only Nessus Scanners and Nessus Agents, but also Passive Vulnerability Scanner (PVS). However, there is nothing about Log Correlation Engine (LCE). The ability to integrate with 3-d party sources, including Vulnerability Management Providers is also quite intriguing. Although it is not yet clear what that exactly means.
Obviously, Tenable.io Vulnerability Management will replace the Nessus Cloud. There is no such option on the site already:
I’m not a Nessus Cloud user and do not know how Tenable will migrate their Nessus Cloud users to a new product. Tenable.io cloud platform was just announced and even first webinars about it will be hold not early than in the end of the February – beginning of the March.
If you compare last year’s screenshots of Nessus Cloud 6.6. with a screenshot from the Tenable.io Vulnerability Management datasheet, they look very similar.
Nessus Cloud 6.6.:
New Tenable.io Vulnerability Management (clickable):
As you can see there are more dashboards now, separate reporting section and all “Hosts” are now “Assets”. Tenable put emphasis on this:
Tenable.io Vulnerability Management offers a first-to-market asset-based licensing model that consumes just a single license unit per asset, even if the asset has multiple IP addresses. The solution’s elastic model also continues to permit scanning when license counts are temporarily exceeded and automatically recovers licenses for rarely scanned assets or one-time bursts.
In addition, it will be possible to use the sensors for free:
The Sensors include active and agent scanning, as well as passive traffic listening – all provided at no extra cost.
How Tenable.io Vulnerability Management actually looks in real life, I will show in the next post. Good news is that Tenable offers a 60 days free trial access for everybody:
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Pingback: What’s actually new in Tenable.io VM application | Alexander V. Leonov
Pingback: Rapid7 Nexpose in 2017 | Alexander V. Leonov
Pingback: CISO Forum 2017 | Alexander V. Leonov
Pingback: My comments on Forrester’s “Vulnerability Management vendor landscape 2017” | Alexander V. Leonov
Pingback: Qualys new look and new products | Alexander V. Leonov
Pingback: First look at Tenable.io Web Application Scanner (WAS) | Alexander V. Leonov