Tenable unveils agentless container scanning to prevent vulnerable containers from reaching runtime
Tenable announced new Tenable Cloud Security features that deliver automated operating system (OS) vulnerability detection across container images, registries and pipelines.
Building on existing exposure management capabilities, Tenable Cloud Security enables security teams to prevent OS vulnerabilities and other risks from being deployed in runtime environments.
A recent study conducted by Forrester Consulting on behalf of Tenable finds that 32% of organizations are planning to implement containers in the next 12 months, while over half (51%) have already done so. Containers are an increasing security concern as they make up a large percentage of the enterprise digital landscape.
Traditional container security efforts have focused on developer-driven tooling rather than involving the security team, which leads to increased silos and prevalent vulnerabilities.
Tenable Cloud Security agentless container scanning enables security teams to prioritize and prevent container OS vulnerabilities and other risks in multi-cloud environments using a single user interface. Security teams can leverage the same OS vulnerability detection they’ve come to trust from Tenable for container images.
By focusing on scanning images stored in container image registries and as part of DevOps workflows and pipelines, security teams can stop risky images from being deployed to production, reduce alert noise and scale container adoption across their organization safely and securely.
Tenable’s approach to container OS vulnerability management enables customers to:
- Gain complete visibility by monitoring, reporting and remediating vulnerabilities across the container deployment lifecycle in one place.
- Prevent exposures and reduce alert noise by embedding security controls into pipelines, stopping risky images from being deployed and auto-generating pull requests.
- Drive scale and efficiency by employing a single-policy framework that enables security teams to create preventive policies for system host vulnerabilities the same way they do for infrastructure misconfigurations.