Tenable улучшила облачный анализатор безопасности Terrascan

Tenable улучшила облачный анализатор безопасности Terrascan , позволяющий разработчикам обеспечивать защиту инфраструктуры как код (Infrastructure as Code, IaC). Новые возможности позволяют организациям встраивать безопасность в свой инструментарий DevOps и цепочки поставок и тем самым снижать риски до предоставления инфраструктуры. Новая версия Terrascan получила:

• Возможность выявлять угрозы безопасности в большем числе форматов IaC и контейнеров;

• Интеграцию с реестрами всех основных контейнеров, включая обнаружение уязвимостей в образах контейнеров, на которые ссылается IaC;

• Более гибкие рабочие потоки, включая программное исполнение политик безопасности перед внесением изменений в репозиторий кода и до их применения к среде запуска;

• Улучшенную возможность фильтрации и приоритизации обнаруженных рисков в соответствии с потребностями пользователей;

• Более глубокую интеграцию с внешними панелями управления;

• Новый графический пользовательский интерфейс.

Tenable®, Inc., the Cyber Exposure company, today announced the release of Tenable.cs, adding new cloud-native security capabilities to its platform. Coming on the heels of its acquisition of Accurics, Tenable.cs enables organizations to accelerate innovation by aligning development, operational and security teams behind security and resiliency goals.

With the release of Tenable.cs, Tenable will help organizations protect the full cloud-native stack throughout the DevOps lifecycle, from the time applications and infrastructure are defined in code through production usage. Tenable.cs scans Infrastructure as Code (IaC) to detect and remediate any flaws, policy violations and potential breach paths before provisioning to the cloud infrastructure.

Implementing secure and compliant IaC is a cornerstone to aligning DevOps, security and compliance, which helps prevent cloud security risk, improve developer productivity and ultimately strengthen security and compliance. DevOps and security teams today face the challenge of “staying in their lanes” while attempting to effectively collaborate without impeding innovation. This pursuit is further complicated by cloud-native environments that are ever evolving and increasing in complexity. 

Tenable.cs brings the Accurics platform into the Tenable ecosystem, giving teams pragmatic, real-world solutions from build through runtime. The solution also delivers a best practices framework that unites DevOps and Security teams so companies can innovate in the cloud with confidence.

“Tenable.cs expands our capabilities further into the cloud stack,” said Nico Popp, chief product officer, Tenable. “Our aim is to enable organizations to embrace both the technical and cultural change that is DevSecOps. This is a natural evolution as services increasingly leverage the cloud and IaC. By analyzing this codified state of cloud environments, we enable users to shift security left and address misconfigurations and vulnerabilities before they are deployed.”

This inaugural release of Tenable.cs builds on established Accurics capabilities by optimizing the user experience, enhancing runtime capabilities and reporting and enabling tighter integration with development workflows.

• Optimized user experience:
• • Unified management console for multiple control planes including code repositories, cloud accounts, Kubernetes clusters & CI/CD or GitOps pipelines
  • A streamlined user experience for configuring complex AWS, Azure and GCP environments and projects
  • A new low code security policy editor which simplifies management of policy logic while eliminating the need to learn another policy language
• Enhanced runtime capabilities and reporting:
• • Continuous monitoring of AWS configuration changes, enabling real-time management of cloud posture
  • Comprehensive posture management for Kubernetes applications, including detecting configuration drifts in Kubernetes runtime infrastructure 
• Tighter integration with development workflows:
• • Improved integration into development pipelines, including new policies for application vulnerabilities and the ability to enforce policies during build time
  • Kubernetes policy guardrails based on recent NSA & CISA Kubernetes Hardening Guidance

Другие новости