Tenable.io Container Security
Tenable.io Container Security
Protect your environment with the first vulnerability management platform for today's modern assets – cloud, containers, web apps and more. Unify IT and OT security for complete visibility.
Key Features
  • Integrated Applications. Tenable.io delivers multiple applications to solve your toughest security challenges, such as vulnerability management, container security, web application scanning and more to come. Applications are built on a common platform, leverage the Nessus® Sensors, API and SDK, and are accessed through a single interface, making it easy to activate new applications and become productive immediately.
  • Container Security. As the only vulnerability management solution to offer integrated container security capabilities, Tenable.io continuously monitors container images for vulnerabilities, malware and enterprise policy compliance. By bringing security into the container build process up front, organizations can gain visibility into the hidden risks in containers, remediate them before they reach production and ensure container images comply with enterprise IT security policies without slowing innovation cycles.
  • Comprehensive Scan Options. Included Nessus Sensors maximize scan coverage and reduce vulnerability blind spots. Active and agent scanning, as well as passive traffic listening are included at no extra cost. Active scanning provides the broadest coverage of assets and vulnerabilities, and agent-based scanning and passive traffic listening covers hard-to-scan assets, such as transient devices, and sensitive hosts, such as medical or industrial control devices.
  • Asset Tracking. Using an advanced asset identification algorithm, Tenable.io pinpoints the true identity of each resource in your environment – even dynamic assets like laptops, virtual machines and cloud instances. This algorithm uses an extensive set of attributes to accurately track changes to assets, regardless of how they roam or how long they last.
  • Documented API and Integrated SDK. Easily integrate and automate the sharing of capabilities and vulnerability data, or build on the Tenable.io platform, leveraging a fully documented API set and SDK. There is no extra cost to use these tools to maximize the value of your vulnerability data.
  • SLA With Uptime Guarantee. Tenable provides the vulnerability management industry’s first uptime guarantee through a robust service level agreement (SLA) for Tenable.io. Service credits are offered if the SLA is not met, just like leading cloud vendors, such as Amazon Web Services.

Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.
  • “At-a-Glance” Dashboard Visibility. Dashboards give IT security managers “at-a-glance” visibility into both container image inventory and security. Security teams can view vulnerability, malware and other security data for all container images, as well as the distribution of vulnerabilities across images by CVSS score and risk level.
  • Continuous Assessment Identifies New Threats. Tenable.io Container Security continuously monitors vulnerability databases for new vulnerabilities. When one is identified, it automatically re-scans all stored container images against the new vulnerability. Subsequently, the product automatically scans new container images for the vulnerability, ensuring continuous protection.
  • Malware Protection for Containers. Tenable.io Container Security is the only container security solution that assesses container image source code for malware. It uses a custom-built malware detection engine to analyze container image source code and help ensure images are malware free.
  • Enterprise Policy Enforcement. Enterprise policy compliance can be optionally enforced by monitoring container images for factors such as overall risk score and the presence of malware. If an image is created that exceeds the organization’s risk threshold, developers can be notified immediately, with layer-specific information provided to help them rapidly remediate the flaws. Policy violations can trigger alerting or can optionally block specific images from being deployed. Policies can apply globally or only to images in specific repositories.
  • Accelerate DevOps by Pinpointing Security Risks. In addition to providing a view of images by repository, it performs an in-depth vulnerability assessment on container images as they are pushed into Tenable.io Container Security. It conducts a full inventory of image layers and components – listing the application, dependencies, libraries, binaries and configuration files. This fast and comprehensive view of vulnerabilities combined with layer hierarchy intelligence provides a detailed assessment of container image risk, by repository, ensuring developers don’t waste time searching for vulnerabilities or fixing issues that are mitigated in a higher layer. This enables developers to quickly remediate potential container risks and push secure code even faster.
  • Embed Security Into Your DevOps Toolchain. Tenable.io Container Security can optionally – and seamlessly – embed security testing into the software development tooling, without blocking or disrupting existing development processes and workflows. The product provides out-of-the-box integrations with common build systems such as Jenkins, Bamboo, Shippable, Travis CI and others.

If you have questions about Tenable.io Container Security write us at: tenable@bakotech.com.