Tenable Vulnerability Management Accelerates Security Response with Context-Driven Prioritization

Vulnerability management has long been a cornerstone of effective cybersecurity. As modern threats grow more complex and regulations continuously evolve, security solutions must also advance.

In an exclusive interview with CRNtv Host Sydney Neely, Gavin Millard, deputy CTO and VP of product at Tenable, shares how Tenable is leading the way in vulnerability management with their innovative technology.

Vulnerability management has been crucial for effective cybersecurity for years. How has it evolved recently to address new challenges and threats?

The attack surface that we're protecting has changed dramatically over the last few years. It's increased in scale, complexity, and the different asset types they're involved in. Vulnerability management has had to adapt to that to scale at the same rate and detect new asset types and ingest data. It needs to be able to gain visibility across every attack surface.

We're also seeing a huge increase in vulnerabilities being disclosed. Being able to prioritize those vulnerabilities is incredibly critical. Having 22,000 vulnerabilities being disclosed and having to fix all of them is not acceptable, especially when you're dealing with a very large attack surface. Also, the time to exploit these vulnerabilities has also dramatically decreased. So rather than taking days or weeks to be able to leverage a new disclosed vulnerability, it can sometimes take even just hours.

Being able to very quickly identify where you're exposed to these critical vulnerabilities and then be able to prioritize which things to fix first, is now crucial to a good vulnerability management program.

How is Tenable driving innovation and enhancing its product offerings to stay ahead in the cybersecurity landscape?

Tenable has been pioneering the approach of exposure management, and that's taking vulnerabilities and contextualizing it with lots of other information. Threat information helps predict the likelihood of a vulnerability will be leveraged. Things like identity, who is associated with the asset and is that asset important, provides the ability to predict the criticality of an asset. All of this is powered by our machine learning AI that we've invested very heavily in in the last few years and our data lake that powers a lot of the platform.

When it comes to threats, what we're also doing is surfacing all the threat information that we gather on every single vulnerability. Empowering our users to be able to make the decisions on the right vulnerabilities to address dramatically reduces the vulnerabilities that they need to deal with.

So as an example in vulnerability intelligence, I'll be able to see a timeline of every single vulnerability - when it was disclosed, whether proof of concept was made available for it, whether it's being leveraged by attackers, whether it's using ransomware or any other attack technique. That piece of information is critical in deciding which vulnerabilities need to be addressed.

What makes Tenable an ideal partner for MSSPs and channel partners in delivering comprehensive vulnerability management solutions to their customers?

When the next big bug hits, the first thing a customer is going to do is ask their trusted partner, “Is this important and where are we exposed?” We're the company that helps answer both of those questions. We have an MSSP offering that partners can leverage to help their customers understand which assets are affected by these vulnerabilities, describe the criticality of that vulnerability using vulnerability intelligence, and be able to help their customers focus on the assets that matter.

We're also 100% channel focused. We've got coverage across the globe working very closely with our customers both on selling through to their clients, but also offering these MSSP services.

If you would like to learn more about Tenable and how they can help you stay ahead of cybersecurity threats, visit Tenable.com.