Wednesday, 19 August 2015 17:58

The situation is well – Tenable

By

Chief information and security officers need to know about Tenable. It provides the peace of mind - the aspirin - that lets you sleep at night knowing your network is secure and when it’s not!

Tenable is not an endpoint or perimeter security company in the sense that it does not provide firewalls and anti-virus/malware protection. It essentially provides a comprehensive, continuous monitoring system that can tell you in real-time if something is wrong or awry with said security.

Founded in 2002, it provides continuous network monitoring to identify vulnerabilities, reduce risk and ensure compliance. Its clients include many Fortune 500 companies, the entire U.S. Department of Defence, and many of the world’s governments.

I had the opportunity to interview Dick Bussiere, Principal Architect for Tenable Network Security in the Asia Pacific region. He is based in Singapore and comes from Boston of French Canadian extraction.

Dick has been with Tenable for 13 years and has been in ICT security and computer networking for over 20 years. He is a regular speaker at conferences including the 2014 RSA Conference – where the world talks security.

“We love antivirus and security companies – we are not competitors as you need something concentrating on protecting the perimeter and endpoints from virus, malware and intrusion,” Dick said. “But I challenge you to be able to define the extent of that perimeter these days with so many Bring Your Own Devices (BYOD), and now the Internet of Things (IoT). I also challenge you to find breaches quickly.”

The remainder of the interview is paraphrased to avoid repetition of ‘he said’ and so on.

In 2014 there were 152 operating vulnerabilities reported each week.

You may as well assume that your network will be breached – not if, but when.

We say continuously monitor the access levels of the LAN/WAN infrastructure. That means watching traffic flowing to and from devices and looking for telltale signs of malicious activity. Two things need to be done:

First is the vulnerability assessment to find security issues, patches, bugs and configurations.

Second is the compliance audit, where a set of rules is checked for completeness and compliance.

There is a big difference between the two functions – you can be compliant but you can never be secure.

A recent survey shows that over half of the larger companies only do security or vulnerability assessments irregularly – some quarterly and some never. Why? Because it is a lot of work and the huge amounts of data gained need extensive analysis. In labour savings (OPEX) alone, Tenable’s continuous monitoring pays for itself.

Tenable’s solution has been to develop a many-to-one software architecture in which many instances of the company’s Nessus scanners are linked to a central monitoring database. Nessus is an active scanner; it combines with PVS, the passive scanner, and LCE, log correlation, to deliver continuous network monitoring.

You cannot keep up any more using manual processes to maintain and completely understand your vulnerability position. Collecting the data, putting it into a searchable and queryable database, and applying big-data principles is almost impossible. Tenable is unique in that it does all that continuously and provides a dashboard interface for system administrators to respond quickly.

It also can produce an ‘assurance report card’ for the C-Level executives who do not need to know the detail.

Dick spoke often about a single point of truth, then asked me some questions.

Can you define your network, what are the IP addresses, what apps and programs are running, what known vulnerabilities do they have, where are your boundaries (BYOD), what about the IoT?

No one knows anymore where the network starts and ends. Sure, you have an internal network (intranet) but it also touches the internet – that is the equivalent of the wild west - and you can have an extranet and so on. This particularly applies to BYOD models, where large numbers of devices are deployed based on trust relationships not only with the corporate network, but also with other devices including virtual servers and Web-based cloud applications. The browser is the biggest vulnerability of all time.

We spoke about iOS, Windows Phone 8.1 (and Windows 10 Mobile) and Android.

Android is a nightmare, a train wreck, a disaster because of its open nature. Device manufacturers, telco carriers, and more all have access to the kernel and all put some form of bloatware on it making it almost impossible to update. Samsung’s Knox is a good start but it is not the solution – it [security] needs to be done from the kernel and that is Google’s responsibility.

iOS is safe simply because Apple will not let anyone into the kernel. Windows 10 and Windows 10 Mobile are following the same path and should be safe. But hackers are now attacking apps instead of the kernel and that opens up a new threat vector.

Tenable’s solution, he repeats, is continuous monitoring and using big data (business intelligence) techniques to make it meaningful. He foresees a time when endpoints will also need ‘agents’ to monitor their state and to connect with corporate networks.

We spoke about the IoT.

Again, it is a disaster: how do you find every asset on the network, especially those that only wake up occasionally and report something? Yes, you can look at IP addresses, but you don’t know what they are reporting, to whom (or what), are their apps/programs secure, are they in fact licensed (or counted as part of licensing processes), and who controls them?

Not knowing is bad enough. Tenable can provide that single point of truth and you would be surprised just how expansive networks can be. I am a great advocate for separating networks – those that are purely internal and trusted (do not need internet access), those that are trusted and need internet access, and then all those that are not trusted (guest networks).

Tenable’s solution is complete – all under one pane of glass (the dashboard) – other providers do pieces. The Tenable solution currently is dedicated software sitting on a hardened device (PC) on the network. It will eventually move to the cloud as a service once issues of security can be solved.

Dick had three messages he wanted conveyed to readers.

1. Consider the risk of not doing assessments regularly and look at Tenable’s continuous monitoring, if only to reduce OPEX and gain peace of mind.

2. Design networks to be safe but assume they will be compromised – real-time monitoring will discover, analyse, prioritise and allow a quick response.

3. The extent of the network has expanded with BYOD, IoT, cloud and internet. It is not easily definable and all endpoints need to be managed.


Ray Shaw


Ray Shaw (ray@im.com.au) has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!
