TENABLE ONE:Transforming Vulnerability Management into Exposure Management
This webinar provides a comprehensive overview of how Tenable One shifts organizations from traditional vulnerability management to a proactive exposure management strategy, detailing its capabilities for unified visibility, risk prioritization, and streamlined remediation.
[00:00:00] Understanding Exposure Management and the Evolving Threat Landscape
This section discusses the strategic importance of exposure management, outlining the challenges faced by organizations in a rapidly expanding attack surface and introducing Tenable's approach to consolidating disparate security insights.
- Shift to Exposure Management: Explores the move from managing individual vulnerabilities and misconfigurations to identifying "toxic combinations" that pose the greatest impact on an organization's crown jewels and mission-critical applications.
- Common VM Challenges: Addresses issues like tool and vendor sprawl, lack of an attack path perspective, rapid technology adoption (cloud, OT, AI), and the overwhelming noise from siloed security findings.
- Attack Perspective: Emphasizes that attackers don't operate in silos; they exploit relationships between assets, identities, and misconfigurations, highlighting the need for a holistic view of potential attack paths.
- Tenable One's Approach: Introduces Tenable One as a platform that unifies vision by collecting data from Tenable and third-party tools, unifies insight through normalization and business context, and mobilizes action with reporting and automated remediation.
[00:30:41] The Tenable Journey: Evolving from VM to Exposure Management
This segment shares Tenable's own successful transition to an exposure management framework, illustrating the tangible benefits of a unified approach and tracing the maturation path from basic vulnerability management to a comprehensive exposure management strategy.
- Tenable's Transformation: Highlights Tenable's internal experience in unifying visibility across 15 tools in 48 hours, leading to a 10x increase in attack surface visibility and a massive reduction in alerts (15,000 to 10 tickets).
- Evolution Stages: Details the progression from Traditional Vulnerability Management (tactical, large reports), to Risk-Based Vulnerability Management (adding business context and threat intelligence), Unified Vulnerability Management (bringing all attack surface types together), and finally to Exposure Management (incorporating identity, permissions, and attack path analysis).
- Identity's Critical Role: Stresses the importance of identity as the connective tissue in attack paths, enabling a better understanding of lateral movement and privilege escalation possibilities, which traditional vulnerability management often misses.
- Future Directions: Discusses the potential for integrating compensating controls (like firewalls and other security solutions) into the exposure management model to further enhance risk reduction.
[00:46:27] Unified Asset Inventory and Software Management
This section delves into the core of Tenable One's unified asset inventory, demonstrating how it consolidates diverse asset and software data, normalizes risk scoring, and provides deep, actionable insights across the entire attack surface.
- Consolidated Asset View: Provides a single pane of glass for all assets, including those across multiple cloud environments (AWS, Azure, GCP, Oracle Cloud), OT, and IT, offering complete visibility.
- Asset Exposure Scoring (AES): Explains the normalized AES, which combines vulnerability data with automatically assigned asset criticality to quickly identify the riskiest assets in the environment.
- Detailed Asset Insights: Shows how to drill down into specific asset details, including associated users, relationships, attack paths, operating system information, open ports, and installed software, consolidating data from various sources including third-party connectors.
- Unified Software Inventory: Demonstrates the ability to view all software across assets, filter by end-of-life status, versions, and hosts, and efficiently answer queries about software presence and deployment.
- Centralized Findings: Illustrates a unified view of vulnerabilities and weaknesses (misconfigurations), emphasizing the use of Tenable's Vulnerability Priority Rating (VPR) for prioritization, even for findings from third-party tools like Microsoft Defender for Endpoint.
[01:31:01] Leveraging Exposure Signals for Laser-Focused Remediation
This segment explains how Exposure Signals in Tenable One enable organizations to pinpoint the most critical risks by combining vulnerability data with business context, thereby facilitating a more strategic and effective remediation approach.
- Targeted Risk Identification: Shows how Exposure Signals move beyond generic "patch all criticals" directives to a more focused approach, such as "patch criticals on externally facing assets," enabling teams to prioritize work that truly reduces exposure.
- Built-in Signals: Presents pre-configured exposure signals like "Web app with end-of-life technologies" or "Crown jewels with attack paths," which provide immediate insights into critical risk combinations from various data sources.
- Custom Signals (Future Capability): Mentions the ability to create custom exposure signals, allowing organizations to define their own specific risk combinations based on their unique environment and business context.
- Advanced Vulnerability Intelligence: Highlights how the platform incorporates advanced telemetry, such as whether a functional exploit exists, if a vulnerability is part of an active campaign by a specific hacking group, or if it targets particular geographies or industries, to further refine prioritization.
[02:00:16] Visualizing and Mitigating Attack Paths
Discover the power of Attack Path Analysis within Tenable One, which visualizes potential attacker routes to critical assets, helps understand lateral movement, and identifies key "choke points" for effective mitigation strategies.
- Visualizing Attack Routes: Demonstrates a matrix view of attack paths based on the exposure score of source nodes and the criticality of target assets, offering a clear visual representation of high-risk routes.
- Understanding Attack Techniques: Explores how Tenable One identifies and categorizes attack techniques (e.g., RDP, exploitation of remote services), providing detailed information about each step in a potential attack chain.
- MITRE ATT&CK Integration: Shows the mapping of identified attack techniques to the MITRE ATT&CK framework, allowing security teams to understand their vulnerabilities in the context of known adversary tactics and techniques for enterprise and ICS environments.
- Choke Point Analysis with AI: Illustrates the AI assistant's capability to analyze complex attack paths and recommend optimal "choke points" – specific vulnerabilities or misconfigurations where remediation would most effectively disrupt the entire attack path, along with recommended mitigations.
[02:26:01] Streamlining Action with Ticketing and Reporting
This section explores how Tenable One facilitates actionable remediation through automated ticketing system integrations and provides comprehensive, business-aligned reporting to track security posture and operational efficiency.
- Automated Ticketing: Demonstrates the ability to automatically create and manage tickets in IT service management (ITSM) systems like Jira and ServiceNow directly from Tenable One, integrating remediation workflows seamlessly into existing operational processes.
- Custom Initiatives: Shows how to define exposure initiatives based on specific tags (e.g., business units, locations) and vulnerability types (e.g., remotely exploitable, ransomware vulnerabilities), allowing for targeted remediation campaigns.
- Global Exposure Cards: Introduces the concept of global cyber exposure scorecards, providing an overall risk rating (A-F), allowing organizations to set target scores, and benchmarking their security posture against Tenable's overall customer population and industry peers.
- Benchmarking and Trends: Highlights the ability to track trends in the exposure score over time, with clear indicators of events that cause score changes, enabling security teams to understand and communicate the impact of their efforts.
- Remediation SLAs and Velocity: Illustrates how to set and track remediation Service Level Agreements (SLAs) for different risk levels and visualize remediation velocity, providing insights into team performance and identifying bottlenecks in the patching process.
Watch the Full Webinar
Dive deeper into how Tenable One can revolutionize your organization's cybersecurity posture by providing unparalleled visibility and actionable insights across your entire attack surface.
Tenable One
申请演示
全球领先的由 AI 驱动的暴露风险安全管理平台。
谢谢
感谢关注 Tenable One。
我们的代表会尽快与您联系。
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success