Story image

Tenable & ServiceNow partner to address blindspots in cyber risk understanding

12 Mar 18

ServiceNow and Tenable have formed what they call a ‘strategic security alliance’ to address organisations’ blind spots in understanding cyber risk.

The two companies have integrated the Tenable Cyber Exposure Platform and ServiceNow Security Operations to address cyber risk management.

“Security teams can’t declare ‘mission accomplished’ after the vulnerability scan alone,” comments ServiceNow’s security business general manager Sean Convery.

“Together, Tenable and ServiceNow give customers an understanding of business impact and security risk, so patching and other response actions can have maximum impact and accelerate remediation.”

They believe that organisational silos separate security and IT teams. This results in the identification of security vulnerabilities,however the vulnerabilities are not being fixed in a timely manner.

The two companies developed a common visibility strategy that automatically discovers IT, cloud, and IoT assets and continually scans the systems for vulnerabilities.

The two platforms can also link vulnerabilities with an asset’s business criticality and prioritise issues based on that data to speed up remediation.

“We’re delighted to work with ServiceNow to provide our joint customers with broader visibility and deeper insight into their Cyber Exposure so they can understand and reduce cyber risk holistically across their entire attack surface, from IT to Cloud and Containers to IoT devices,” comments Tenable’s chief product officer Dave Cole, chief product officer, Tenable. 

“Bridging the gap between Security and IT is the only way to tackle this growing problem in today’s modern digital enterprise.”

Tenable has also been working on its own strategy for CISOs by launching Tenable.io Lumin, an application that analyses cyber exposure.

“In spite of decades of hard work, the attackers have the advantage. The stakes are too high for the status quo to remain,” Cole comments.

“We must come together as an industry to transform vulnerability management, putting the CISO in the driver’s seat so organisations can proactively measure and manage cyber risk in the same way as other business risks, such as production forecasting and managing potential supply chain disruptions. It’s time to flip the advantage into the hands of security.”

ServiceNow also recently pledged its commitment to India’s talent and technology with the opening of its Hyderabad R&D Centre. The centre is the company’s first R&D operation in Asia.

“Hyderabad is one of the region’s most exciting technology centres that has rapidly established itself as a global software development hub. With access to world‑class talent, superior infrastructure and a thriving technology sector, the city is a perfect match for ServiceNow’s continued growth and investment in the region,” comments ServiceNow VP & GM of APJ, Mitch Young.

“Our success in the market has been underpinned by a multiplying customer base and a stronger enterprise ecosystem in India. With continuing technological advancements and the swell of data businesses must manage, finding new ways to enhance productivity will be core to business success and economic growth. The opportunity for Indian organisations is vast and only growing, and the new centre represents an important step as we continue to expand across the region,” Mitch concludes.

Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.
DanaBot banking Trojan: How to protect your organisation
DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions.
Ping Identity announces new Identity-as-a-Service solution
PingOne for Customers is built for the developer community and provides API-based identity services for customer-facing applications.