Feeds:
Posts
Comments

Posts Tagged ‘Tenable’

unified-vulnerability-management-suite-espincorp.png

Background

With the recent Gartner published new market guide with the introduce of “container security” be part of the vulnerability management, Tenable be the only one possess that by bought over FlawCheck last year and introduce Tenable.io platform in the market, the market change again.
Tenable.io also introduce web application security (WAS) as part of the platform offering. With Container security and web application security, it now cross over to leading container security and enter into what we traditional called application security market (traditionally occupied by web vulnerability scanner and static source code analyzer vendor). Rapid7 from the past bought over NTO and enter into application security as well, by rebranding it as AppSpider product. We will expect all will catch up on the container security, most likely acquired existing player who offer it.
Technology keep changing from years, where from the past on the cloud and online, software as a service (SaaS) model, with emerge of Qualys as the leading player on that field. With the latest acquired and integration of other new technology take place, the real differentiator for major player become minimal, we can expected major vendor will try to introduce unique and specialized area and be differentiate themselves over another (take over, merger and acquisition is the obvious option for enter market rapidly) .
With application security in depth alone, traditionally Tenable do not enter in the past, where dominance by web application scanner offer dynamic , static application security testing technology (DAST, SAST) or new interactive application security testing (IAST). We can expect the market will be changing again.
Traditional vulnerability management or specialized web application scanner become more generic offering, and the price point is bring down significantly as technologies matured and more me-too product introduce in the market. Available of open sources alternative, let enterprise market who willing to paid for commercial offering being the primary target for all the commercial vendor.
We also saw the trend for traditional penetration testing tool vendor attempt to enter vulnerability management market. With the Rapid7 acquired Metasploit in the past and the recent Core Security make the vulnerability management offering.
We also see the trend for company used to offer SAST now try to enter DAST in application security field. For mobile application security testing (Mobile AST) as new technology also rising demand for today mobile application driven business.
On the other end, we saw the smaller vendor who previously focus on one tool product now day also attempt to expand their offering to large audience. Big player is extend their product with niche product/ to penetrate those previously recognize as niche as well.

Future of Vulnerability Management

Predicting for near future product-market

future-of-application-security-market.png

  • Mobile application security testing (Mobile AST) will be included in Application Security Testing (AST) tool market (together with DAST, SAST, IAST).
  • Container Security will be one of the unique, and slowly all the major player will incorporate into their offering (whether as a option or bundled).
  • Unified of vulnerability management and application security in the near future (and eliminate some of the player that can not transit over the new changing market reality).
  • Standalone and niche focus product that easy to be use continue to be play a role in the market for those who look for solving specific purpose, both generic and specialize product /tools continue to be available for those who need them.
  • Shift left (move from product security to software development) trend, more and more customer look for integrated tool to streamline the vulnerability/security fixing cycle as early as at the early development process.

security-risk-mnagement-SRM-espincorp.png

  • Trend toward threat/vulnerability management (VTM) slowly emerge and recognize as single unified process (threat assessment -> vulnerability assessment -> risk analysis) to streamline the whole process for address enterprise threat/vulnerability and risk analysis / security risk management (SRM).
The future of vulnerability management suite, depend on the end user requirement. For complex enterprise requirement, will include the above unified vulnerability management suite aspect/functional module or option in the package bundled.
As you can see for the market product shift underway, if you want to make any major decision for the short term, for sure, license subscription (LS) is the way to go, since it is pointless to own “outdated product” and pay significant investment upfront that you may or may not really found it relevant to the changed market at all.
E-SPIN Group being vulnerability management, application security and penetration testing product and solution provider for over 13 years in the market. E-SPIN will continue to be active in the business domain and helping customer to make right investment that yield return of investment.
Feel free to contact our E-SPIN solution consultant for any project or operation requirements.
Advertisements

Read Full Post »

This video is about E-SPIN & Tenable Network Security: CyberSecurity Transformation Challenges and Solutions event cover the event opening, guest speaker talks, socialize and networking session summary and highlight

E-SPIN & Tenable Network Security CyberSecurity Transformation Challenges and Solutions

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a E-SPIN & Tenable Network Security CyberSecurity Transformation Challenges and Solutions what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

E-SPIN_Tenable_CyberSecurity_Transformation_EventPoster

Please join E-SPIN, Westcon and Tenable Network Security for an day of networking, food, and fun. This event will provide those in technology and cybersecurity with the opportunity to grow their security knowledge via an immersive hands-on cybersecurity sharing experience.

For more info , please click on this link https://goo.gl/DKHPiV

Read Full Post »

This video is about Web Application Security Challenges and Solution by E-SPIN

Web Application Security Challenges and Solution

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Web Application Security Challenges and Solution what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

tenable-io_product_overview_malay_version

This video is about Tenable.io product that presented in Malay version .

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

tenable-io_product_overview

For those who can not join us for the session, please see the summary and highlight clip for the event.

E-SPIN recently run a Tenable.io  what’s new session cover what new for new user and existing users.

For further information, please contact us or visit to our website on http://www.e-spincorp.com

Read Full Post »

Tenable’s Unified Security Monitoring (USM) solution uniquely solves that challenge by integrating active and passive vulnerability management with SIEM capabilities –- providing a contextualized and prioritized view of events and activity. USM helps users quickly focus their attention and energies on the most pressing security issues, as well as ferreting out suspicious activity that would otherwise go undetected.

teable_LCE

New release of Tenable’s Log Correlation Engine (LCE) version 4 adds several new features that enhance its ability to support complex enterprise environments, as well as make the day-to-day jobs of users easier and more productive. Here are some of the key upgrades:

  • Much faster processing speeds. LCE v4 can process more than 30,000 events per second. That’s up to 20 times faster than version 3, made possible through multi-core support and other engine improvements.
  • ‘Smart’ load balancing. LCE v4 automatically routes tasks to new or underutilized servers when workloads increase, enhancing efficiency.
  • Enhanced event full-text search. Allows LCE users to identify specific events and network-based activity by rapidly sifting through mountains of log data, saving time and improving efficiency.
  • Easier deployment, administration, and operation; centralized administration of LCE Client systems. Existing LCE users will welcome operational enhancements, including the ability to update remote client configuration settings through changes on a central LCE server, saving time and reducing the potential for errors.

Tenable Log Correlation version 4 increases employees work efficiency by implementing easier user guide for further understanding to reduce product complexity.

For more information about Tenable LCE v4, please visit

http://e-spincorp.com/espinv3/index.php/tenable-network-security/tenable-solutions

Read Full Post »

Older Posts »