Tenable announced new capabilities for Tenable.cs, its cloud-native application security platform.
Tenable.cs delivers full lifecycle cloud-native security to address cyber risks from build to runtime. With the new features, organizations can secure cloud resources, container images and cloud assets to provide end-to-end security from code to cloud to workload.
Tenable.cs enables organizations to programmatically detect and fix cloud infrastructure misconfigurations in the design, build and runtime phases of the Software Development Lifecycle (SDLC) to prevent unresolved insecure configuration or exploitable vulnerabilities from reaching production. Tenable.cs secures infrastructure as code (IaC) before deployment, maintains a secure posture in runtime, and controls drift by synchronizing configuration between runtime and IaC.
The IaC remains the single source of truth, eliminating the need for complex and manual processes. The solution also includes Frictionless Assessment and Nessus Vulnerability Assessment for cloud workloads as well as Container Security to assess cloud hosts and container images for vulnerabilities without the need to manage scan schedules, credentials or agents.
“Shift-left is the future of cloud security,” said Nico Popp, chief product officer, Tenable. “It is about finding and remediating security risk across configuration, access and software vulnerabilities before the exposure finds its way into production. Tenable.cs embraces the GitOps philosophy by tightly integrating with developer tools and workflows.”
Tenable.cs is fully integrated into Tenable.ep, the company’s comprehensive Cyber Exposure platform. With this addition, Tenable delivers an integrated, end-to-end security solution and a complete picture of cyber risks across the modern attack surface with unified visibility into code, configurations, assets and workloads.
Organizations can determine the cyber risk of their cloud resources alongside other assets, such as IT assets, web apps and containers. Tenable.ep helps organizations understand cyber risk in the broader context of their business, with holistic visibility and reporting, unified workflow and advanced analytics to help users assess and prioritize what matters most to their organization.
Tenable.cs data is also fully integrated into Tenable.io, providing unified views of assets and vulnerabilities. Organizations can tap key capabilities, such as analyzing cloud exposures alongside their other assets, advanced search and filtering with meta tagging, streamlined reporting, comprehensive role-based access controls, and a single sign-on for easy access.
Tenable.cs is available as a standalone solution, as part of Tenable.io and as part of Tenable.ep.