New risk-centric vulnerability remediation enables organizations to focus on the seven percent of issues
that matter
LONDON, Nov. 07, 2018 (GLOBE NEWSWIRE) -- Edge EMEA -- Tenable®, Inc., the Cyber Exposure company, today announced Predictive Prioritization, a first-of-its-kind innovation for both Tenable.io® and Tenable.sc™
(formerly SecurityCenter) which will provide organizations with the unprecedented capability to focus on the seven percent of
vulnerabilities which pose the greatest actual risk to the business.
Effectively prioritizing vulnerabilities is a critical and strategic business imperative for reducing cyber risk. According to
Gartner, “Through 2021, the single most impactful enterprise activity to improve security will be mitigating vulnerabilities.*” The
newly published Vulnerability Intelligence Report from Tenable Research found that enterprises must triage and
manage more than 100 critical vulnerabilities on average daily, as rated by the common vulnerability scoring system (CVSS). Basic
CVSS ratings alone are failing the industry and leave organizations unable to effectively and confidently focus on which
vulnerabilities require immediate action. Moreover, Tenable Research estimates that the industry is on track to disclose up to
19,000 new vulnerabilities in 2018, an increase of 27 percent over 2017. Yet in 2017, public exploits were available for seven
percent of all vulnerabilities, meaning that 93 percent of all vulnerabilities posed only theoretical risk. For most
vulnerabilities, a working exploit is never developed and of those, an even smaller subset is actively weaponized by threat actors,
making it difficult to understand which vulnerabilities to remediate first, if at all.
To address this deluge of vulnerabilities and predict which ones expose organizations to the most cyber risk, Tenable is
announcing new predictive prioritization capabilities. Predictive Prioritization combines Tenable-collected vulnerability data with
third-party vulnerability and threat data and analyzes them together with the advanced data science algorithm developed by Tenable
Research. The data science algorithm analyzes over 100,000 vulnerabilities using machine learning to anticipate the probability of
a vulnerability being leveraged by threat actors and differentiate between real and theoretical risks.
Third party data sources include:
- Basic Vulnerability Information, such as CVSS and the National Vulnerability Database (NVD), that provide
baseline information on ease of exploit and attack vectors associated with the vulnerability.
- Third-Party Threat Intelligence feeds from a variety of public threat intelligence feeds as well as Recorded
Future, that deliver insight into which vulnerabilities are actively being exploited by both targeted and opportunistic threat
actors.
“With thousands of vulnerabilities identified in enterprise environments each day, security teams don’t have time and the
business doesn’t have the luxury to guess which ones to focus on first,” said Dave Cole, chief product officer, Tenable.
“Organizations need solutions to help them better understand the actual, not theoretical, impact of vulnerabilities, and focus
remediation efforts based on business risk. We’re very excited to introduce Predictive Prioritization as a first-of-its-kind
innovation to our Cyber Exposure platform, helping organizations better manage, measure and reduce their cyber risk in the digital
era.”
Predictive Prioritization will be included as part of Tenable.io, for vulnerability management in the Cloud, and Tenable.sc
(formerly SecurityCenter), for vulnerability management On-Prem. These two flexible deployment options are core components of the
Tenable Cyber Exposure platform, which uniquely provides the breadth of visibility into cyber risk across IT, cloud, IoT and OT
environments and the depth of analytics to measure and communicate cyber risk in business terms to make better strategic decisions.
Predictive Prioritization for Tenable.io and Tenable.sc will be generally available in 2019.
For more information on Predictive Prioritization, go to https://www.tenable.com/cyber-exposure/platform.
About Tenable
Tenable®, Inc. is the Cyber Exposure company. Over 24,000 organizations around the globe rely on Tenable to understand and reduce
cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to
see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more
than 25 percent of the Global 2000 and large government agencies. Learn more at tenable.com.
Contact Information:
Cayla Baker
Tenable
tenablepr@tenable.com
443-545-2102, x 1544
*Gartner Security and Risk Management Summit 2018 Presentation, Fix What Matters: Provide DevOps Teams With Risk-Prioritized
Vulnerability Guidance, Dale Gardner, June 4-7, 2018