Tenable Network Security's Passive Vulnerability Scanner (PVS) will be available at the end of August as a standalone product. Previously available only to Tenable’s SecurityCenter and SecurityCenter Continuous View customers, PVS can now be used by any company, security specialist or compliance auditor that wants to monitor their networks in real-time, in a non-intrusive manner.
Using network sniffing technology, PVS is an ideal solution to monitor systems sensitive to disruption by traditional scanning, transient systems like mobile, virtual and cloud apps that may not be present during scheduled scans.
PVS complements Nessus active scanning by monitoring network traffic detecting apps, services, protocols, hosts that are not present or evade active scanning. By continuously monitoring the network, PVS provides visibility into both server and client-side vulnerabilities and identifies the flow of sensitive data and the use of common protocols and services.
“A hacker only needs one pathway into your network,” said Ron Gula, CEO of Tenable. “Not knowing what an unmanaged device is doing on your network is a security blind spot. By offering PVS as a standalone product, we are opening up the availability of our products to thousands of security and compliance professionals, and are the only company that provides vulnerability protection to customers from unmanaged systems and applications.”
Tenable Passive Vulnerability Scanner continuously monitors IPv4/IPv6 network traffic for a variety of security-related information including:
* Keeping track of all client and server application vulnerabilities
* Identifying when an application is compromised or subverted
* Detecting and tracking new hosts that are added to a network
* Discovering when an internal system begins to port scan other systems
* Highlighting all interactive and encrypted network sessions
* Tracking exactly which systems communicate with other internal systems
* Spotting which ports are served and which ports are browsed for each individual system
* Passively determining the operating system of each active host
Vulnerability scanning is a cornerstone of IT security and has become a regulatory compliance standard today. Over the last few years, scanning has risen in priority as confirmed by the first four controls in the SANS Top 20 Critical Controls. Any organisation effectively implementing vulnerability and compliance monitoring will lower their risk, increase compliance and avoid costly breaches. To achieve this goal, the most comprehensive scanning solutions are needed.
“As innovations such as BYOD and virtualisation gain traction within the organisation, more and more transient devices are being brought into the organisation and onto corporate networks,” added Gula. “If a company is only scanning for these devices monthly, they do not have an accurate picture of their network weakness.”