Cybersecurity teams are inundated with troves of fragmented vulnerability and threat intelligence data, but Tenable Research reveals that only 3% of vulnerabilities most frequently result in impactful exposure.
“Without threat context and research insights, every vulnerability is a priority, creating a high-stress, low-efficiency whack-a-mole scenario for security teams,” said Tenable’s Gavin Millard, VP of product management for Vulnerability Management.
Tenable says it is including context-driven prioritisation and response features in its Tenable Vulnerability Management, Tenable One and Tenable Cloud Security. The features contextualise vulnerability data from internal and external sources, enabling organisations to close the exposures that pose the greatest risks to their businesses.
Tenable claims the new capabilities of vulnerability intelligence and exposure-response will help enable customers to pinpoint these key vulnerabilities with rich context, curated by Tenable Research, and close risky exposures.
Data source
In the last two decades, Tenable has collected and analysed 50 trillion data points on more than 240,000 vulnerabilities, capturing detailed vulnerability information and deep context. This enriched database ‘supercharges’ Tenable Vulnerability Intelligence, enabling efficient proactive defence.
What the combination means
With this data source and expertise from Tenable Research, Vulnerability Intelligence integrates comprehensive vulnerability sources designed to streamline data analysis and enable security teams to quickly understand vulnerability details.
With comprehensive, action-oriented workflows from Exposure Response, security teams can prioritise asset exposures based on criticality, monitor remediation trends against SLAs and track progress against desired outcomes. This will help customers ensure resources are used efficiently, reduce risk and communicate value to stakeholders in business terms.
Millard claims that more than two decades of carefully curated exposure data enables security teams to focus on the risk that matters most to their organization and communicate succinctly to stakeholders. “The enriched intelligence and contextualisation take prioritisation and response to a new level, providing security teams with the critical data needed to identify and reduce risk,” he added.