Tenable®, Inc., the Cyber Exposure company, unveiled Tenable.io™ Lumin, a new Tenable.io application that for the first time empowers CISOs to confidently visualise, analyse and measure their organisation’s Cyber Exposure.
Digital transformation has radically increased the number and type of new technologies and compute platforms – from Cloud to IoT to Operational Technology – and led to dramatic growth in the attack surface. This expanding attack surface has given rise to an unrelenting barrage of vulnerabilities. 2017 was a record year for vulnerabilities, with more than 60% detected by Tenable customers classified as high or critical severity, according to Tenable Research.
CISOs struggle to gain basic visibility into this dynamic computing landscape and when faced with 1,000s of WannaCry-level severity issues at any given time, find it nearly impossible to prioritise where to focus remediation. At the same time, cyber risk is one of the top business risks for CEOs and boards of directors.
CISOs are constantly being asked to quantify the organisation’s cyber risk and compare it to best-in-class security and industry peers, yet lack an effective way to measure and communicate this data to the Board.
Tenable.io Lumin is the industry’s first Cyber Exposure offering which tackles these problems head-on by visualising, analysing and measuring the organisation’s Cyber Exposure across the entire modern attack surface. Tenable.io Lumin combines vulnerability data with asset business criticality and threat context so CISOs can focus their teams on the issues that matter most to the business.
Tenable.io Lumin also uniquely applies data science to the industry’s richest set of vulnerability intelligence so CISOs can quantify their organisation’s cyber risk, benchmark it against the industry and make better strategic decisions at the Board level. Tenable.io Lumin arms the CISO with the insight needed to improve cybersecurity effectiveness over time and effectively communicate cyber risk to the business.
Tenable.io Lumin, in concert with the other Tenable.io applications, empowers organisations to answer four critical questions at all times: Where are we exposed? Where should we prioritise efforts based on risk? How are we reducing our exposure over time? How does our cyber hygiene compare to our peers?
“In spite of decades of hard work, the attackers have the advantage. The stakes are too high for the status quo to remain,” said Dave Cole, chief product officer at Tenable. “We must come together as an industry to transform vulnerability management, putting the CISO in the driver’s seat so organisations can proactively measure and manage cyber risk in the same way as other business risks, such as production forecasting and managing potential supply chain disruptions.
It’s time to flip the advantage into the hands of Security. Cyber Exposure will help drive this transformation, and Tenable.io Lumin is a significant step forward to making this a reality.”
Key capabilities of Tenable.io Lumin include:
- Exposure analytics and benchmarking: Analyse and benchmark Cyber Exposure objectively across internal groups and industry peers, for example, time to remediate critical exploitable vulnerabilities as compared to best-in-class organisations and organisations of similar size and industry. Benchmarking data is fueled by the unique combination of Tenable product telemetry and the human intelligence of the Tenable Research team. This combination brings together vulnerability intelligence with cybersecurity and data science expertise.
- Risk-based scoring and prioritisation: Advanced risk-based Cyber Exposure scoring weighs vulnerabilities, threat data, and each asset’s business value and criticality, providing clear guidance about where to prioritise remediation efforts based on risk.
- Third-party data APIs: Import, normalise, and consolidate third-party vulnerability and asset data alongside Nessus® vulnerability data within Tenable.io. Out of the box APIs include Qualys for vulnerability data, Amazon Web Services for cloud workload data and ServiceNow for IT asset data (generally available in 2018). A single view makes it easier for large organisations using multiple solutions to manage Cyber Exposure holistically.
Tenable.io Lumin is a new application within Tenable.io, the industry’s first Cyber Exposure platform for securing the full range of modern assets, from IT to Cloud to IoT to OT. Tenable.io Lumin will work with and complement Tenable’s purpose-built solutions for Vulnerability Management, Container Security, Web Application Scanning and Industrial Security, an Operational Technology security offering brought to market jointly with Siemens.
Tenable will begin a beta for Tenable.io Lumin in Q2 2018 and unveil new capabilities throughout 2018. The product will be generally available in the second half of 2018.