“Tenable’s solutions are now capable of extracting patch status information from the industry’s most popular patch management solutions, complementing the strong active and passive scanning capabilities we already deliver,” said Ron Gula, CEO of Tenable Network Security. “It’s essential to have a strong vulnerability management and patch management strategy – especially for large enterprises – and this tight integration will help businesses get better value from both systems.”
Patch Management Integration Benefits for Nessus and SecurityCenter Users: Tight integration allows Tenable solutions to quickly and reliably retrieve patch status from market-leading patch management systems. This capability delivers:
• Automated unified patch status reports, incorporating both the results of Nessus credentialed scans and data from patch management systems – leveraging Tenable’s familiar and trusted reporting format, significantly streamlining audits. • Patch status information for hosts where appropriate system credentials are unavailable or there is limited networking capability – expanding the scope of vulnerability assessment to additional systems. • Permits special handling of backported patches in systems like Red Hat. Backported patches are code updates from current software releases applied retroactively to older, deployed software to prevent exploit. The practice can lead to inaccurate reports of vulnerabilities. • Flexible scanning policies can avoid scanning sensitive systems.. • Identification of hosts not being managed by patching systems, helping to avoid exploits from fast-spreading attacks. • Correlation with log, event, and threat and exploit intelligence – helping prioritize responses and ensuring the most critical issues are addressed first.
Nessus plugins supporting VMware and Microsoft patch management systems are available in the Nessus ProfessionalFeed immediately. Red Hat support will be distributed in the ProfessionalFeed by Friday, December 9.
Tenable Network Security’s continued success comes from its unique approach to helping enterprises and government agencies secure their networks from targeted attacks, internal misuse and compliance violations. The company’s Unified Security Monitoring platform is the only solution which provides continuous assessment and monitoring of vulnerability, patch, configuration, log, event, network and threat intelligence across virtual, cloud and mobile assets into a single database. Live dashboards, standardized reports and 3D visualization automate analysis and reporting for executive management, for auditors and security practitioners.
For more information on Tenable’s Nessus Vulnerability Scanner, the USM platform and its integration with third-party patch management solutions, please visit: www.tenable.com.