businessinfomag.uk magazine 18 CYBERSECURITY Plus ça change… James Goulding recently met up with Bernard Montel, Technical Director and Security Strategist at Tenable, to discuss how the Exposure Management company is developing its product offering in response to a fluid and expanding attack surface populated with under-protected and unpatched external and internet-facing assets development and acquisitions to extend its vulnerability and exposure management capabilities to areas it didn’t cover before, such as OT (operational technology), IoT (internet of things) and the cloud, all the while maintaining its focus on identifying and proactively addressing exposures before they can be exploited and become a problem. “In cybersecurity, we speak of prevention, detection and response, and Tenable is in the domain of prevention,” explains Montel. “The classic analogy, I would say, is that before leaving your house and locking the front door, you check all your doors and windows are closed, regardless of whether you have an alarm system or not. An alarm system will detect if someone is entering your house and send you a notification, but by then it’s already too late. We believe that if you prevent, you will have less to detect.” He adds that while some of Tenable’s acquisitions have included detection capabilities, particularly in the cloud, their primary purpose has been to give customers more visibility and a holistic view of those doors and windows to identify any that might have been left open and to highlight the attack path a bad actor might take to get from there to business-critical assets. “We don't do detection and Tenable started out about 20 years ago with a scanner designed to help IT professionals find flaws and misconfigurations in their networks, connected devices and applications, and that is essentially what it still does today – scanning devices, looking for vulnerabilities that an attacker could exploit and recommending next steps for remediation based on a risk-based approach to exposure management. While Tenable’s core mission has remained the same over the last 20 years, the IT landscape has changed greatly. Instead of protecting IT within an organisation by defending the network perimeter with firewalls – Tenable Technical Director and Security Strategist Bernard Montel uses the analogy of a castle and moat – cloud, IoT, smartphones and modern working practices have created a more complex, dynamic and highly connected attack surface. “I would say the perimeter doesn't exist anymore,” says Montel. “I’m not saying that we don't have firewalls or that we don't have IT internally. We still have it. But now it’s highly connected to a lot of stuff outside.” As the attack surface has expanded, Tenable has used a combination of in-house response, or rather we only do it slightly. Our core DNA is prevention,” he says. New capabilities In December 2019, Tenable acquired Indegy Ltd, a company that was doing in the OT and IoT space exactly what it does in IT, enabling it to extend vulnerability management to manufacturing and industrial organisations that in the last five years have increasingly been connecting legacy systems to internal IT, IoT sensors/cameras and the cloud. It followed this with the acquisitions of Alsid SAS, a French company specialising in uncovering vulnerabilities in Active Directory, in April 2021, and of Ermetic, a cloud-native application protection platform (CNAPP) company and leading provider of cloud infrastructure entitlement management (CIEM), in October 2023. As a result, Tenable is now able to discover assets and find vulnerabilities in and between them – attack paths that could be exploited by bad actors – and propose a tailored remediation plan, with risk-based prioritisation, for the four domains of IT, OT, identity and cloud. Holistic visibility In February, Tenable added another vital piece to its offering by expanding the Tenable One risk-based exposure management platform it had introduced in 2022 to provide visibility of a company’s IT, cloud and identity domains to include the OT and IoT domains as well. By aggregating data from Tenable OT, Tenable Identity, Tenable Vulnerability Management and Tenable Cloud Security, Tenable gives the C-suite – CIOs and CISOs in particular – a holistic view across all four domains. Bernard Montel
RkJQdWJsaXNoZXIy NDUxNDM=