Capability Domains met by Tenable

Coordination & Communication

SecurityCenter CV allows for coordination and communication among multiple organizational entities and departments, such as:

  • Information System Owners
  • System Administrators
  • Information Security Staff
  • Risk Management Teams
  • SecurityCenter CV utilizes tens of thousands of plugins that include the latest vulnerability information on advanced threats, zero-day vulnerabilities and new regulatory compliance data. Summary reports and detailed reports can be generated and sent to groups, reducing the time for response and increasing team involvement across an organization. SecurityCenter CV offers a comprehensive collection of dashboards, reports and ARCs for collecting and analyzing network data and alerts.

    Identify

    SecurityCenter CV identifies malicious software and botneted systems with three very different methods:

  • First, for Windows credentialed scans, Nessus examines the file checksum of every running process and supporting file against an industry index of the top 25 anti-virus vendors.
  • Second, Nessus also leverages a high-quality botnet IP and DNS list to see if a scanned asset is part of a known botnet, communicating with a known botnet or configured with botnet information such as a DNS server or web content used to propagate the botnet.
  • Finally, Nessus offers a variety of specific local and credentialed checks that identify specific malware activity, such as modification of the LMHOSTS file on Windows platforms. SecurityCenter CV can scan systems and compare hashes of running processes against and industry index of known malicious hashes.
  • Additionally thousands of plugins are utilized by SecurityCenter CV for the most current vulnerability information. New plugins are added daily to ensure the most recent vulnerabilities are detectable by SecurityCenter CV.

    Monitor

    SecurityCenter CV provides continuous monitoring of organization systems to provide administrators with a detailed view of newly discovered vulnerabilities, system activity and audit checks.

    SecurityCenter CV uses policy audits to ensure anti-virus software is configured to the organization’s standards to scan suspicious files for malicious code as they are downloaded, opened or executed. SecurityCenter CV uses active scanning, continuous listening and host analysis to aid organizations in monitoring communications entering and leaving the environment.

    SecurityCenter CV continuously listens to all network traffic in real time to find new hosts, new vulnerabilities and new applications. It monitors the network for the same vulnerabilities detected by active scanning. In addition, SecurityCenter CV analyzes host data to passively detect and identify a variety of vulnerabilities.

    Organizations can monitor system access with the use of SecurityCenter CV’s comprehensive monitoring capabilities. Users can search by system name or user ID in logs analyzed by SecurityCenter CV to determine if systems have been accessed by unauthorized users. Additionally, alerts can be configured to notify security teams when new users access hosts. These alerts can be reviewed for potentially unauthorized access.

    Audit

    SecurityCenter CV can audit the security of remote access infrastructure as well as users accessing systems internally. A wide variety of data can be monitored to discover intrusions, non-compliant activity or other types of unauthorized access. For example, SecurityCenter CV can monitor the activity of remote employees who enter a network via VPN, network or dial-in connections. Agents gather configuration, vulnerability and policy information even when devices leave the network.