Tenable Network Security has announced the launch of SecurityCenter 5, to add continuous network monitoring and “Assurance Report Cards”, an innovation designed to help users measure and communicate the effectiveness of their security program to C-level executives, board members and business managers, helping align security policies with business objectives.
The company said that ARCs enable CISOs to measure, analyse and visualise the security posture of their IT enterprise, and report results in an intuitive report card format. SecurityCenter 5 comes pre-loaded with ARCs that correspond to the five most common security objectives found in security standards issued by organizations around the world—including the NIST Cybersecurity Framework, PCI DSS, the National Campaign for Cyber Hygiene, the Australian Fovernment’s Strategies to Mitigate Targeting Cyber Intrusions and the Center for Internet Security’s 20 Critical Security Controls.
Strategist Cris Thomas told IT Security Guru that additions to SecurityCenter 5 give users a continuous view of the network to know what is running and what security issues you may have. “Nessus is part of it and we thought it was easier for users if everything was in one spot as with so many tools, from a user perspective it is one product,” he said.
“We added the ARCs function which tells the administrator to take a look at the network and know what is working and know what apps are on the network, so you know what is out of date and get patches and know what is not configured.”
He explaomed that having looked at the various lists it identified three commodities: inventory hardware and software; what needs to be patched; and user authentication.
“With 10,000 endpoints you cannot see all of the endpoints due to mobile devices, and you need a view of what needs attention and you can apply a patch on what you need to use and create a ticket,” he said.
“If we know what stops and had a way to protect the network and monitor users, with network tools it is less work but fewer problems with SecurityCenter 5.”
He explained that fundamentally, it makes defence easier as a lot of critical software runs there and there is not the resources to stop it, and it is an issue for everyone.
“The whole operating system is a mess, and with this solution it will be better as we can tell you what is running and what needs a patch,” he said. “It is up to businesses to apply patches and what we control is a way to patch the operating system and infrastructure and SecurityCenter 5 is a way to know what is really vulnerable. I hope we can help as a lot of it is really security 101 level stuff.”
Renaud Deraison, chief product officer of Tenable Network Security, said: “Tenable’s Assurance Report Cards take the guesswork out of security. A CISO can walk down the hall to the CFO’s office, share a customised report card for their business on his iPad, and start a conversation on how secure and compliant they are—all in a matter of minutes. He doesn’t have to wait for a periodic assessment to complete, and he doesn’t have to spend time compiling critical metrics. It’s all there at his fingertips when and where it’s needed.”