Tenable launches new features to boost vulnerability management

Tenable has announced the release of two new features, Vulnerability Intelligence and Exposure Response.

These context-driven prioritisation and response features aim to assist organisations in identifying and mitigating vulnerabilities that pose significant threats to their operations.

The vulnerability management sector, which is valued at approximately USD $16 billion, has not seen major innovations in recent years. Tenable asserts the latest release fills this gap, enabling enterprises to manage and combat exposures more effectively.

According to Tenable, the cybersecurity landscape is cluttered with fragmented vulnerability and threat intelligence data. Research conducted by the company suggests that only about 3% of vulnerabilities lead to impactful exposure. The newly launched capabilities intend to help security teams to isolate these critical vulnerabilities. Gavin Millard, Tenable's VP of Product Management for Vulnerability Management, noted, "Without threat context and research insights, every vulnerability is a priority, creating a high-stress, low-efficiency whack-a-mole scenario for security teams."

Vulnerability Intelligence and Exposure Response provide actionable intelligence and context, helping security professionals focus on the vulnerabilities most important to their organisation. "Tenable is unleashing more than two decades of carefully curated exposure data to enable security teams to focus on the risk that matters most to their organisation and communicate succinctly to stakeholders," Millard added.

Over the past 20 years, Tenable has analysed 50 trillion data points covering more than 240,000 vulnerabilities. This extensive database enriches Tenable Vulnerability Intelligence and aids in creating a proactive defence mechanism. The integration of comprehensive vulnerability sources and context-driven data aims to make it easier for security teams to prioritise and remediate exposures efficiently.

Customers using Tenable Vulnerability Management and Tenable One can access Vulnerability Intelligence and Exposure Response. Additionally, Vulnerability Intelligence can be directly accessed from Tenable Cloud Security. Key features of these capabilities include a Threat Landscape Overview, Natural Language and Advanced Search, Campaign-Based Initiatives, and Progress Tracking and Advanced Reporting.

The Threat Landscape Overview offers seven curated exposure risk categories, highlighting Common Vulnerabilities and Exposures (CVEs) under CISA known exploits, active exploitation, ransomware campaigns, emerging threats, and more. This overview provides a distinct method for security teams to identify and further investigate key exposures.

Natural Language and Advanced Search allow users to search for specific vulnerabilities by CVE number or common name. This function helps security teams quickly surface impacted assets and understand vulnerability context, improving the efficiency of their response efforts. Advanced query functionality in this feature enables pinpointing high-impact vulnerabilities through various metrics, including VPR key drivers, common vulnerability scoring system (CVSS) metrics, and Tenable Research metadata.

Campaign-Based Initiatives facilitate targeted campaigns through streamlined workflows, aimed at better prioritising and mitigating critical vulnerabilities. This feature promotes the efficient use of resources and heightened security outcomes. Progress Tracking and Advanced Reporting provide comprehensive visibility into remediation efforts, detailed reporting on vulnerability trends, and data-driven decision-making capabilities.

Vulnerability Intelligence and Exposure Response aim to help organisations prioritise asset exposures according to criticality, monitor remediation trends, and effectively track progress. These capabilities assist in ensuring resources are used efficiently, reducing risk, and communicating value to stakeholders in a clear and actionable manner.