Exposure Management Platform

Tenable One is an Exposure Management Platform to help organizations gain visibility across the modern attack surface, focus efforts to prevent likely attacks and accurately communicate cyber risk to support optimal business performance.

The platform combines the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps and identity systems, builds on the speed and breadth of vulnerability coverage from Tenable Research and adds comprehensive analytics to prioritize actions and communicate cyber risk. Tenable One allows organizations to:

• Gain comprehensive visibility across the modern attack surface
• Anticipate threats and prioritize efforts to prevent attacks
• Communicate cyber risk to make better decisions

Tenable One includes the following Tenable products. The full functionality of each of these products is included in Tenable One.

• Tenable.io Vulnerability Management
• Tenable.io Web App Scanning
• Tenable.cs Cloud Security
• Tenable.ad Active Directory
• Tenable Lumin

Capabilities include:

• Exposure View: Enables focused security efforts through clear, concise insight into your organization’s security exposure answering such critical questions as “how secure are we” and “where do we stand in our preventative and mitigation efforts?” “how are we doing over time?” and “what are the key events?”
• Tag Performance: Addresses which tags make up an exposure card and how much that group of assets contributes to a given exposure score.
• Attack Path Analysis: With more than 150 supported attack techniques, Attack Path Analysis gives security practitioners a glimpse into the attacker mindset. It continuously monitors gaps across endpoint, identity and cloud to proactively visualize attack paths and mitigate high-risk exposures. It performs this function by mapping critical risks to the MITRE ATT&CK framework to visualize all viable attack paths continuously — both on-prem and in the cloud.
• Asset Inventory: Centralized view of all assets, including IT, cloud, Active Directory (AD) and web apps, with the ability to create specific asset tags from a variety of sources.
• External Attack Surface Management (EASM): Provides insight into the external attack surface, empowering your organization to identify and reduce risks from the attacker’s perspective.
• Custom Exposure Cards: Enables concise, flexible communication of specific security insights.
• News: Integration with Tenable Research blogs allow for creation of custom exposure cards that reflect cyber security developments.

Lumin’s Cyber Exposure Score (CES) is derived from vulnerability prioritization and asset criticality scores. The Exposure View score in Tenable One is derived from the CES score along with inputs from data derived from the other products contained within Tenable One - including cloud, identity, web application security and attack surface management.

Yes. There are two versions.

• a. Tenable One Standard is comprised of:
  Tenable.io, Tenable.io Web App Scanning, Tenable.cs, Tenable.ad, Lumin & Exposure View & Asset Inventory
• b. Tenable One Enterprise is comprised of all features in Tenable One Standard plus:
  Attack Pathway for breach & attack mitigation and External Attack Surface Management for insight into the external attack surface, allowing organizations to identify and reduce risks from the attacker’s perspective.

Yes, add-on SKUs are available for additional cloud scanners for WAS and Enterprise Attack Surface Management (ASM) daily frequency. Tenable One Enterprise provides customers with visibility of their internet-connected assets on a bi-weekly basis. With Tenable One Enterprise ASM Daily, the frequency is extended, giving customers a daily refresh rate for an up-to-date view of their external attack surface.

Yes, Tenable One is a cloud-based solution. It is not available as an on-premise solution.