sb-as logo
Story image

Threat prioritisation feature announced for Tenable platforms

12 Feb 2019

Tenable has announced the general availability of Predictive Prioritisation, an offering that aims to change how organisations tackle vulnerabilities.

Predictive Prioritisation enables organisations to reduce business risk by focusing on the three percent of vulnerabilities with the greatest likelihood of being exploited in the next 28 days.

This capability is generally available within the company’s on-premises vulnerability management offering — Tenable.sc (formerly SecurityCenter) — which is a core component of the Tenable Cyber Exposure platform.

Effectively prioritising vulnerabilities is fundamental to cybersecurity.

Yet, knowing where an organisation is most exposed to threats is increasingly daunting given the volume of vulnerabilities.

According to the National Vulnerability Database, there were 16,500 new vulnerabilities disclosed in 2018 alone, of which only a small fraction was actively weaponised for cyber attacks.

This deluge of vulnerabilities, combined with the inability to identify those that pose an actual threat to the business, leaves organisations unable to effectively measure, manage and reduce their risk.

Predictive Prioritisation aims to address this problem.

It analyses Tenable vulnerability data combined with third-party vulnerability data and threat intelligence across 150 data sources using a proprietary machine learning algorithm to predict the likelihood a vulnerability will be exploited in the next 28 days.

This means organisations will be able to evolve their vulnerability remediation efforts from reactive to predictive by focusing on the three percent of issues that could and likely will be exploited.

This threat-centric model is a critical component of modern vulnerability management, hence Tenable has made Predictive Prioritisation a core feature of its vulnerability management platform offerings.

Tenable co-founder and chief technology officer Renaud Deraison says, “Predictive Prioritisation will change the way companies run their vulnerability management programs by giving them a new level of insight on where to focus based on threats to the business.”

“Predictive Prioritisation will help organisations answer foundational questions about where they’re exposed and what vulnerabilities to prioritise for remediation based on the threat landscape -- two questions that are critical for achieving Cyber Exposure.”

Predictive Prioritisation is generally available in Tenable.sc 5.9, for on-premises vulnerability management.

Predictive Prioritisation will be generally available in Tenable.io, for cloud-based vulnerability management, later in 2019.

Story image
Machine identities increasingly exploited, new research finds
Venafi, the provider of machine identity management, finds that malware attacks using machine identities doubled from 2018 to 2019, including high-profile campaigns such as: TrickBot, Skidmap, Kerberods and CryptoSink.More
Story image
OkCupid website and app found to have significant security flaws
The popular online dating service has been found to have several vulnerabilities which, if exploited, could put the private data of users in danger of being stolen.More
Story image
Cyber criminals turn to Gmail and AOL to advance attacks
“Securing oneself against this threat requires organisations to take protection matters into their own hands - this requires them to invest in sophisticated email security that leverages artificial intelligence to identify unusual senders and requests."More
Story image
10 billion records sit in unsecured databases - China leads the pack
A white hat hacker hacker uncovered a total of 9517 unsecured databases worldwide, collectively containing more than 10 billion entries.More
Story image
DDoS attacks spike thanks to COVID-19 lockdowns, Kaspersky finds
Kaspersky experts believe the rise in malicious activity can be attributed to the impact of COVID-19, as both cybercriminals and their targets have had to reconsider their holiday plans. More
Story image
Malware attacks abusing machine identities grew eightfold over the last 10 years - report
"Machine identity capabilities have become commoditised and are being added to off-the-shelf malware, making it more sophisticated and harder to detect."More