Nessus Cloud is Now a Part of Vulnerability Management

Share and earn Cybytes
Facebook Twitter LinkedIn Email

This week, Tenable made an exciting announcement about™, our new, modern vulnerability management platform built for today’s elastic assets. The platform will include state-of-the-art applications for specific business needs, the first of which is Vulnerability Management. In the near future, we’ll release additional applications for container security, web application scanning, and more.

For Nessus® Cloud customers, this first application is important because Nessus Cloud has evolved into Vulnerability Management. Vulnerability Management will be familiar to anyone who has used or seen Nessus Cloud in the past. All the capabilities that were in Nessus Cloud are now a part of Vulnerability Management, including:

  • Running vulnerability assessments for software flaws, configuration issues and malware detection using Nessus scanners and/or agents to reduce your attack surface
  • Sharing scan resources, such as scanners, policies, and results for more efficient use of Vulnerability Management
  • Integrating with complementary solutions like credential management, mobile device management, and patch management systems

Along with the previous Nessus Cloud features, Vulnerability Management also offers new capabilities that will help security professionals solve some of the very tough vulnerablity management challenges that come up in today’s dynamic IT environments.

Asset tracking delivers reliable results

Historically, vulnerability management solutions have tracked vulnerabilities by IP address. In recent years, IP-based vulnerability tracking has become more of a problem because many assets today have multiple IP addresses. Or for elastic assets like cloud instances, the IP address is often irrelevant. In situations like these, traditional vulnerability management solutions – relying solely on IP addresses – will simply provide inaccurate results. Vulnerability Managment offers a highly accurate way to track assets and vulnerabilities on those assets. It employs an advanced asset identification algorithm that uses an extensive set of attributes such as Tenable ID, NetBIOS name, MAC address, and many others to accurately track assets, changes to assets, and vulnerabilities on those assets.

Asset tracking enables to deliver the most accurate count and state information about vulnerabilities. There’s no duplicate counting of vulnerabilities on assets that have multiple IP addresses or mis-counting on assets that can have short-lived IP addresses like cloud instances. With this greater visibility and insight, security professionals are armed to make better decisions about where to focus resources and priorities to best protect their environments.

Customer friendly elastic asset licensing

Building on the foundation of asset tracking, Vulnerability Management customers also benefit from elastic asset licensing – the industry’s only licensing approach based on assets instead of IP addresses. Other vulnerability management solutions today follow rigid IP-based licensing, and for most organizations this results in increased cost, as IP counts can be challenging to gather accurately. follows a flexible and customer-friendly elastic asset licensing model, enabling users to monitor and adjust license consumption and then true-up when necessary, while continuing to use the product. automatically reclaims licenses from assets not scanned for 90 days – without deleting the data.

Dashboards and reports

To make it easier for security professionals to get insight into vulnerability data, there are a number of new dashboards and reports in Vulnerability Management. For example, there’s a new dashboard that specifically identifies those vulnerabilities that are exploitable by malware, which for many organizations will sit higher on the remediation list than others. The example below shows a dashboard that highlights patching status, which can be helpful for organizations that have goals like “fix all high priority vulnerabilities within 30 days.” VM Outstanding Patch Tracking All Assets Dashboard

Next steps

This initial introduction of and Vulnerability Management is just the start. I look forward to sharing more new capabilities throughout 2017 and beyond.

If you have been using Nessus Cloud, the evolution to Vulnerability Management is seamless and requires no action on your part. When you log in, you’ll see the new name, and more importantly, new capabilities available to you.

If you’re new to Vulnerability Management, we’d love to have you learn more or take the application for a test drive. Here are a few resources that will help get you started:

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Tenable
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include over 50 percent of the Fortune 500, large government agencies and organizations across the private and public sectors. Learn more at
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Is your vulnerability management program struggling? Despite proven technology solutions and the best efforts of IT teams, unresolved vulnerabilities remain an ongoing source of friction and frustration in many organizations. Regardless of how many vulnerabilities are fixed, there will always be vulnerabilities that can’t easily be remediated – and too often, finger-pointing between IT teams and business groups can ensue.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?