Story image

Tenable & ServiceNow partner to address blindspots in cyber risk understanding

12 Mar 18

ServiceNow and Tenable have formed what they call a ‘strategic security alliance’ to address organisations’ blind spots in understanding cyber risk.

The two companies have integrated the Tenable Cyber Exposure Platform and ServiceNow Security Operations to address cyber risk management.

“Security teams can’t declare ‘mission accomplished’ after the vulnerability scan alone,” comments ServiceNow’s security business general manager Sean Convery.

“Together, Tenable and ServiceNow give customers an understanding of business impact and security risk, so patching and other response actions can have maximum impact and accelerate remediation.”

They believe that organisational silos separate security and IT teams. This results in the identification of security vulnerabilities,however the vulnerabilities are not being fixed in a timely manner.

The two companies developed a common visibility strategy that automatically discovers IT, cloud, and IoT assets and continually scans the systems for vulnerabilities.

The two platforms can also link vulnerabilities with an asset’s business criticality and prioritise issues based on that data to speed up remediation.

“We’re delighted to work with ServiceNow to provide our joint customers with broader visibility and deeper insight into their Cyber Exposure so they can understand and reduce cyber risk holistically across their entire attack surface, from IT to Cloud and Containers to IoT devices,” comments Tenable’s chief product officer Dave Cole, chief product officer, Tenable. 

“Bridging the gap between Security and IT is the only way to tackle this growing problem in today’s modern digital enterprise.”

Tenable has also been working on its own strategy for CISOs by launching Tenable.io Lumin, an application that analyses cyber exposure.

“In spite of decades of hard work, the attackers have the advantage. The stakes are too high for the status quo to remain,” Cole comments.

“We must come together as an industry to transform vulnerability management, putting the CISO in the driver’s seat so organisations can proactively measure and manage cyber risk in the same way as other business risks, such as production forecasting and managing potential supply chain disruptions. It’s time to flip the advantage into the hands of security.”

ServiceNow also recently pledged its commitment to India’s talent and technology with the opening of its Hyderabad R&D Centre. The centre is the company’s first R&D operation in Asia.

“Hyderabad is one of the region’s most exciting technology centres that has rapidly established itself as a global software development hub. With access to world‑class talent, superior infrastructure and a thriving technology sector, the city is a perfect match for ServiceNow’s continued growth and investment in the region,” comments ServiceNow VP & GM of APJ, Mitch Young.

“Our success in the market has been underpinned by a multiplying customer base and a stronger enterprise ecosystem in India. With continuing technological advancements and the swell of data businesses must manage, finding new ways to enhance productivity will be core to business success and economic growth. The opportunity for Indian organisations is vast and only growing, and the new centre represents an important step as we continue to expand across the region,” Mitch concludes.

Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.
What disaster recovery will look like in 2019
“With nearly half of all businesses experiencing an unrecoverable data event in the last three years, current backup solutions are no longer fit for purpose."
Proofpoint launches feature to identify most targeted users
“One of the largest security industry misconceptions is that most cyberattacks target top executives and management.”
McAfee named Leader in Magic Quadrant an eighth time
The company has been once again named as a Leader in the Gartner Magic Quadrant for Security Information and Event Management.
Symantec and Fortinet partner for integration
The partnership will deliver essential security controls across endpoint, network, and cloud environments.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.