Tenable Enhances Nessus Risk Prioritization to Help Customers Expose and Close Exposures
Rhea-AI Summary
Tenable has announced new risk prioritization and compliance features for its Nessus vulnerability assessment solution. The enhancements include support for Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4, helping customers improve prioritization for risk reduction and maintain compliance. Tenable's Vulnerability Priority Rating (VPR) combines proprietary and third-party data to measure risk effectively.
Key features in this release include:
- EPSS and CVSS v4 support for informed prioritization
- Nessus Offline Mode for air-gapped environments
- Declarative Agent Versioning On-Prem for managing agent profiles
Positive
- Integration of EPSS and CVSS v4 into Nessus for improved risk prioritization
- Introduction of Nessus Offline Mode for secure scanning in air-gapped environments
- Addition of Declarative Agent Versioning On-Prem for better agent profile management
- Tenable VPR combines proprietary and third-party data for effective risk measurement
Negative
- None.
News Market Reaction 1 Alert
On the day this news was published, TENB declined 0.45%, reflecting a mild negative market reaction.
Data tracked by StockTitan Argus on the day of publication.
Integration of EPSS into Tenable exposure solutions ensures compliance and accelerates prioritization efforts
COLUMBIA, Md., Sept. 04, 2024 (GLOBE NEWSWIRE) -- Tenable®, the exposure management company, today announced new risk prioritization and compliance features for Tenable Nessus, the #1 vulnerability assessment solution in accuracy, coverage and adoption. Nessus supports new and updated vulnerability scoring systems—Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4—to help customers implement more effective prioritization for risk reduction and maintain compliance.
Due to evolving threats and expanding attack surfaces, organizations rely on multiple risk scoring systems, which are not effective risk qualifiers on their own to determine criticality. With Tenable Nessus, customers can take advantage of the latest industry-adopted vulnerability scoring systems—EPSS and CVSS v4—and Tenable Vulnerability Priority Rating (VPR) to identify and take action on the vulnerabilities that pose the greatest risk specific to their environment. Leveraging an advanced data science algorithm developed by Tenable Research, Tenable VPR combines and analyzes Tenable proprietary vulnerability data, third-party vulnerability data and threat data to effectively and efficiently measure risk.
“EPSS and CVSS are single variables in the risk equation—context around exposures delivers a deeper level of understanding around true risk,” said Shai Morag, chief product officer, Tenable. “Recent Tenable Research found that only
Key features in this release include:
- EPSS and CVSS v4 Support enables users to see and filter plugins by EPSS and CVSS v4 score, further informing prioritization strategy. This feature enables security teams to remain compliant with organizational policies that require the use of EPSS or CVSS as the primary scoring system.
- Nessus Offline Mode addresses challenges with conducting vulnerability scans offline in air-gapped environments. Building upon existing offline scanning capabilities, Nessus runs critical services only, removing unwanted traffic generated by functions that rely on an active internet connection, thereby ensuring the security of sensitive data within a secure environment.
- Declarative Agent Versioning On-Prem enables users to create and manage agent profiles in Nessus Manager for Tenable Security Center. Users can specify a product version for an agent deployed in an environment, thereby reducing disruptions in day-to-day operations and enabling users to adhere to enterprise change control policies.
Learn more about vulnerability and risk scoring by checking out the Inaugural Study of EPSS Data and Performance developed by Cyentia Institute and the Forum of Incident Response and Security Teams (FIRST).
Join the upcoming Tenable webinar titled, From Data to Defense: Harnessing Predictive Scoring to Strengthen Your Cybersecurity on September 12, 2024 at 2:00 pm ET, by registering here.
Tenable Nessus is available as a standalone product and is included in Tenable Security Center and Tenable Vulnerability Management. More information on Tenable Nessus is available at: https://www.tenable.com/products/nessus
About Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com.
Media Contact:
Tenable
tenablepr@tenable.com
FAQ
What new features has Tenable (TENB) added to Nessus in September 2024?
How does Tenable's Vulnerability Priority Rating (VPR) work in Nessus?
What percentage of vulnerabilities result in impactful exposure according to Tenable Research?
When is Tenable (TENB) hosting a webinar on predictive scoring for cybersecurity?
