What is Tenable.cs?
Tenable.cs is a developer-friendly, cloud-native application platform that allows organisations to secure cloud resources, container images and cloud assets, and that provides end-to-end security from code to cloud to workload.
Tenable and Accurics
Accurics is now a part of Tenable. In the belief that Infrastructure as Code (IaC) is the future of cloud, Tenable completed its acquisition of Accurics in October 2021.
Accurics is a cloud-native security platform that establishes security control from code to cloud from a single definition of security and compliance policy. It is a platform that secures your cloud-native applications across single-cloud, multicloud and hybrid cloud environments throughout their entire lifecycle.
Like the former Accurics platform, Tenable.cs provides a single platform for cloud security from design through runtime, leveraging a single definition of security and compliance policy, but with extended capabilities.
Key Features:
1. Cloud Security as Code
Tenable.cs focuses on strengthening and establishing your DevSecOps practice through:
Policy as code
Tenable.cs provides continuous assessment by capturing security policy as code, for example, a CIS benchmark. With this feature, Tenable.cs continuously detects non-compliance across Infrastructure as Code at build time and, at the same time, enforces security policies before deployment (CI/CD).
Governance as code
Tenable.cs offers automated governance by capturing security governance decisions, such as exceptions, within Infrastructure as Code (IaC). It leverages code repositories for governance workflow and audit.
Drift as code
Tenable.cs supports continuous detection of infrastructure changes at runtime and reports the resulting policy non-compliance as Infrastructure as Code. When the runtime configuration drifts away from the IaC, remediation as code reverts the vulnerable changes and propagates the safe changes to the IaC.
Security as code
Tenable.cs provides advanced security. With Tenable.cs, potential breach paths and blast radius are identified and assessed to understand the vulnerabilities of an application and to prioritize risk resolution.
Remediation as code
Tenable.cs promotes automated remediation. Once a vulnerability or exposure is detected, Tenable.cs automatically generates Infrastructure as Code for remediation. The remediation code is then checked into the repository as a pull request (GitOps), pushing the security remediation as IaC directly to the relevant developers.
2. Security from Build-time to Runtime
Tenable.cs delivers full-lifecycle cloud-native security from build time to runtime.
In the build-time phase, Tenable.cs enables developers to integrate security by:
- integrating into the IDE and pipeline to detect flaws in Infrastructure as Code
- assessing Infrastructure as Code on commit or merge requests
- integrating into the CI/CD pipeline to detect flaws in containers and third-party libraries before deployment
In the runtime phase, Tenable.cs helps the security and operations teams to enforce security by:
- supporting continuous scanning and assessment of Kubernetes and cloud infrastructures to detect drift
- allowing detection of flaws in running containers and compute instances without deploying scanners or installing agents
- enabling critical ad hoc changes and needed remediation steps to be merged back into the build
3. Added developer-focused features
Tenable.cs includes various features that support developers, including:
- The ability to integrate the platform with an IDE to get continuous security syntax monitoring of your Infrastructure as Code.
- Automatic creation of Infrastructure as Code snippets from running cloud configurations.
- Reduced effort by staying continuously in compliance with defined security policies in every commit.
- The ability to integrate the assessment and findings into your trusted or preferred tools, for example, GitHub, GitLab, Jenkins, Slack, Bitbucket and many more.
- A freely available Infrastructure as Code assessment tool, as Tenable.cs is built on the foundations of Terrascan.
4. Full-stack cloud-native security
Tenable.cs delivers security at every step, from:
- development tools, which include Jira, Jenkins, GitLab and GitHub as well as Bitbucket
- infrastructure as code, including Kubernetes, CodeCommit, ARM and Terraform
- cloud, such as AWS, Google Cloud and Azure
- compute, like Docker, AWS Lambda and Amazon EC2
- apps, which include APIs
Capabilities:
1. Enhanced user experience
2. Improved runtime capabilities and reporting
3. Better integration with development workflows
Advantages:
Tenable.cs can be used as a standalone solution, as part of Tenable.io or as an addition to Tenable.ep.
Complete integration of Tenable.cs into Tenable.ep gives Tenable the ability to deliver an integrated, end-to-end security solution and a complete picture of cyber risks across the modern attack surface, with unified visibility into code, configurations, assets and workloads.
Organisations can identify the cyber risk of their cloud resources as well as other assets, including IT assets, web apps and containers. Tenable.ep helps organisations understand cyber risk in the wider perspective of their business through visibility and reporting, unified workflow and advanced analytics that help users assess and prioritise the matters that are crucial to their organisation.
Tenable.cs data is completely integrated into Tenable.io to provide unified views of assets and vulnerabilities.