The research firm’s latest report also provides market insights security professionals can use to improve their vulnerability management strategy.
IDC recently published its Worldwide Device Vulnerability Management Market Shares, 2021: The Stakes Are High report to highlight the top worldwide vulnerability management vendors. For the fourth consecutive year, Tenable ranks No. 1 in market share.
IDC credits Tenable’s success to our strategic acquisition strategy and Tenable One, our Exposure Management Platform, which provides extensive vulnerability coverage for IT infrastructure, web apps, public cloud and identity systems, along with context-driven risk analysis, all in one unified platform.
IDC’s report also provides market insight and developments, as well as advice for technology suppliers to ensure they’re aligned with future market needs. We believe Tenable’s vision and strategy aligns with advice from IDC, validating that we are well positioned to help your needs now and into the future.
Here are three recommendations the IDC report makes to technology providers, along with ways in which Tenable is already addressing these:
- DVM vendors should combine external scans from an attack surface management platform with agent and network scans to present information about both known and unknown assets. Modern organizations require continuous monitoring of their complete attack surface and context-aware intelligence on where to prioritize remediation efforts. Using active scanning, agents, passive monitoring, external attack surface management and configuration management database (CMDB) integrations, Tenable One will discover and analyze a wide range of assets, spanning IT assets, cloud resources, containers and identity systems. But this only represents a subset of an organization's full digital footprint of the many devices, applications and APIs that are accessible to external users yet may not be fully known to security teams. Tenable Attack Surface Management, a component of Tenable One, builds off of the wide range of assets being assessed and continuously maps the internet to discover connections to an organization’s internet-facing assets, whether internal or external to their networks. This combined data gives users a unified view of all assets, allowing users to create new vulnerability and web application scans to identify exposures and remove blind spots. Plus, users get a 360-degree view of their full attack surface to better understand how attackers could gain access via the internet and help prioritize remediation actions.
- Provide proof of value, so customers engage and use their DVM system as part of proactive cybersecurity, instead of regarding it as a checkbox item required by regulations or their cyber insurance provider. To keep their organizations safe our customers need to anticipate future problems, needs or changes and quickly take appropriate action. Tenable One provides attack path visualizations and prioritization capabilities to ensure a proactive response to remove the paths attackers may take. It performs this function by combining asset, exposure, threat and user privilege data to continuously map critical risks to the MITRE ATT&CK framework and identify all viable attack paths. Users also get actionable insights into an organization’s overall cyber risk — including the value of the proactive efforts happening daily. Actionable metrics enable security teams to show the value of their proactive security efforts as well as save time, improve investment decisions, support cyber insurance initiatives and drive improvement over time — all while tangibly reducing risk to the organization.
- Offer lightweight agents that make scanning as quick and painless as possible, so customers can use it often. To gather information from each Tenable One application, a variety of sensors are deployed across an environment. The sensors that connect to the platform play a major role in collecting security, vulnerability and asset information so users can manage, monitor and track information systems, applications and user accounts. Tenable One supports several sensors today: Nessus vulnerability scanners, Nessus passive network monitoring and Nessus Agents. Tenable’s lightweight agent gives you visibility into additional assets, such as endpoints, and other remote assets that intermittently connect to the internet. But for highly dynamic environments like cloud with short-lived life spans of assets measured in minutes or hours, agents, passive monitoring and network scanners are not enough. Tenable One also supports Agentless Assessment, an agentless sensor to gain continuous insight into cloud assets and misconfigurations. Agentless Assessment relies on API data and volume snapshots of running cloud instances to deliver visibility without the need to install agents, manage credentials or create scan schedules.
- DVM vendors should bridge the gap between those responsible for managing vulnerabilities and those responsible for patching them with integrations between these systems that go beyond a shared spreadsheet. Tenable solutions integrate with leading patch management solutions to shrink the gap between security and IT operations and automatically correlate the most appropriate remediation action based on prioritized vulnerabilities Tenable discovers. Tenable customers can take advantage of over 250 pre-built integrations from more than 125 technology partners to enrich their security and IT systems, automate workflows and add new capabilities. Users can also create their own customized integrations to meet unique requirements using the Tenable Developer Hub with fully documented APIs. To see available integrations visit the Technology Ecosystem landing page.
1Worldwide Device Vulnerability Management Market Shares, 2021: The Stakes Are High
Lean more
- Read the IDC Market Share report for more information on DVM vendors and market insights
- Visit our Tenable One landing page to learn more about our Exposure Management Platform.