Tenable Press Release – 6 December 2011
Tight integration bridges vulnerability management and patch management solutions delivering expanded coverage, significant time and cost savings, and improved compliance
Tenable Network Security, Inc., the leader in Unified Security Monitoring (USM), announced today its Nessus Vulnerability Scanner, the industry’s most widely deployed vulnerability assessment solution, and SecurityCenter now integrate with top patch management solutions.
The new support spans Red Hat Network Satellite Server, Microsoft Windows Server Update Services (WSUS), Microsoft System Center Configuration Manager (SCCM), and VMware Go (formerly Shavlik). The integration, unique to Tenable, bridges the gap between vulnerability management and patch management solutions – providing broader vulnerability assessments, helping eliminate the possibility of false positive reports of missing patches, and saving time and reducing costs through streamlined reporting, stronger security, and improved compliance.
“Tenable’s solutions are now capable of extracting patch status information from the industry’s most popular patch management solutions, complementing the strong active and passive scanning capabilities we already deliver,” said Ron Gula, CEO of Tenable Network Security. “It’s essential to have a strong vulnerability management and patch management strategy – especially for large enterprises – and this tight integration will help businesses get better value from both systems.”
Patch Management Integration Benefits for Nessus and SecurityCenter Users
Tight integration allows Tenable solutions to quickly and reliably retrieve patch status from market-leading patch management systems. This capability delivers:
- Automated unified patch status reports, incorporating both the results of Nessus credentialed scans and data from patch management systems – leveraging Tenable’s familiar and trusted reporting format, significantly streamlining audits.
- Patch status information for hosts where appropriate system credentials are unavailable or there is limited networking capability – expanding the scope of vulnerability assessment to additional systems.
- Permits special handling of backported patches in systems like Red Hat. Backported patches are code updates from current software releases applied retroactively to older, deployed software to prevent exploit. The practice can lead to inaccurate reports of vulnerabilities.
- Flexible scanning policies can avoid scanning sensitive systems..
- Identification of hosts not being managed by patching systems, helping to avoid exploits from fast-spreading attacks.
- Correlation with log, event, and threat and exploit intelligence – helping prioritize responses and ensuring the most critical issues are addressed first.
Nessus plugins supporting VMware and Microsoft patch management systems are available in the Nessus ProfessionalFeed immediately. Red Hat support will be distributed in the ProfessionalFeed by Friday, 9 December 2011.
Tenable Network Security’s continued success comes from its unique approach to helping enterprises and government agencies secure their networks from targeted attacks, internal misuse and compliance violations. The company’s Unified Security Monitoring platform is the only solution which provides continuous assessment and monitoring of vulnerability, patch, configuration, log, event, network and threat intelligence across virtual, cloud and mobile assets into a single database. Live dashboards, standardized reports and 3D visualization automate analysis and reporting for executive management, for auditors and security practitioners.
For more information on Tenable’s Nessus Vulnerability Scanner, the USM platform and its integration with third-party patch management solutions, please visit www.tenable.com