technologyreseller.co.uk 31 CYBERSECURITY useless if you don't have experts using it,” explains Montel. In February, Tenable added another vital piece to its offering by expanding the Tenable One risk-based exposure management platform it had introduced in 2022 to provide visibility of a company’s IT, cloud and identity domains to include the OT and IoT domains as well. By aggregating data from Tenable OT, Tenable Identity, Tenable Vulnerability Management and Tenable Cloud Security, Tenable gives the C-suite – CIOs and CISOs in particular – a holistic view across all four domains. This, says Montel, enables business leaders to see if they are exposed to any threat and to evaluate the risk of that exposure to their business. “We have the ability to bring all those exposures together to answer one question at a very high level in an organisation: Am I exposed? What is the risk? What is the potential impact on business-critical assets? Tenable One lets you see which part of your organisation is currently at risk and why. It could be a misconfiguration or a new vulnerability that our system has identified in those assets that increases the risk of exposure.” Montel adds that as well as aggregating data from its own solutions, Tenable is planning to open Tenable One to third parties, including those specialising in detection. “We do not claim to have 100% visibility. Our systems can find a lot of information, but it could be that there is a system that is scanned by another company’s technology. We want to get that information back to us. From a governance perspective, we want to be the platform that answers that very simple question: Tenable partners with Sophos Sophos Managed Risk service leverages Tenable One exposure management platform As well as going to market through resellers and MSPs, Tenable has an ecosystem of technology partners like Sophos, which is using Tenable technology in its new worldwide vulnerability and attack surface management service, Sophos Managed Risk. Available from Sophos channel partners and MSPs, Sophos Managed Risk leverages the Tenable One Exposure Management Platform and input from security operations experts from Sophos Managed Detection and Response (MDR) to provide customers with attack surface visibility, continuous risk monitoring, vulnerability prioritisation, investigation and proactive notifications so that they can address exposures before they become a problem. Rob Harrison, Senior Vice President for Endpoint and Security Operations Product Management at Sophos, said: “Sophos and Tenable are two industry security leaders coming together to address urgent, pervasive security challenges that organisations continuously struggle to control. We can now help organisations identify and prioritise the remediation of vulnerabilities in external assets, devices and software that are often overlooked. It is critical that organisations manage these exposure risks, because unattended, they only lead to more costly and time-consuming issues and are often the root causes of significant breaches.” According to the Sophos report, Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector, 32% of ransomware attacks start with an unpatched vulnerability. Unpatched servers were one of the top entry points for breaches handled by Sophos Incident Response in 2023, along with exposed Remote Desktop Protocol (RDP) access. Craig Robinson, Research Vice President of Security Services at IDC, added: "One of the biggest challenges organisations face when improving their security posture is prioritising what to handle first. This type of guidance helps solve that issue and reduces the workload for security teams tasked with tackling vulnerability and exposure management. Solutions such as Sophos Managed Risk can be a differentiator by enabling overwhelmed teams to take a more holistic approach to continuous monitoring and threat management." www.sophos.com Am I exposed? Is that risky? We don't do detection, but it could be that if there is an agent deployed to an endpoint doing detection, we want to know as soon as it detects that a specific endpoint has been compromised. We get that information and then we try to find out why it was compromised. We need to close that door. We are the security guards saying ‘Guys, your door is open, please close it’.” AI developments Another area of development is AI. The cybersecurity industry has been using AI for years in behaviour analysis and risk scoring, and it is now exploring use cases for generative AI. Tenable is no exception. Last August it announced Exposure AI, an AI assistant that can answer questions from nontechnicians to help them understand vulnerabilities and risk more quickly. “With our ability to collect data from 90% or 99% of the attack surface, we are in a unique position to claim that we have holistic, I wouldn't say complete, but holistic data, and that data is crucial to be able to analyse and help customers, using generative AI, to accelerate exposure management,” says Montel. He cites the ability to search a huge database of centralised data to find out whether you are exposed to a new threat and for the generative AI to explain to nontechnicians in plain English what the risks are and how an attacker could get from a vulnerability to business-critical assets. “The first use case is search, the second is explain and the third is remediation. In the past, the remediation plan was static. You have a set of vulnerabilities – A, B, C – you patch that one, then that one, then that one. Now, continued...
RkJQdWJsaXNoZXIy NDUxNDM=