Accelerate Vulnerability Detection and Response for AWS with Tenable Cloud Security Agentless Assessment
Learn how to leverage our latest cloud security discovery feature, Tenable Cloud Security Agentless Assessment, to enhance the way you scan for software vulnerabilities and misconfigurations in the cloud.
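In the past, vulnerability scanning in the cloud was done primarily with network-based scanners such as Nessus or with the agent-based Nessus Agents approach. For years, Tenable has worked to be the gold standard for security professionals, providing them with fast, comprehensive and accurate vulnerability scanning backed by world-class vulnerability research. Our customers have long wanted a simpler way to configure and manage Nessus scans in the cloud, so in 2020 we released Tenable.io Frictionless Assessment, the first step in transforming Nessus into a more cloud-focused solution.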
Tenable Cloud Security Agentless Assessment for Amazon Web Services (AWS) takes the groundbreaking work that Tenable.io Frictionless Assessment laid out and completely upgrades it for a truly seamless cloud native scanning solution.
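A problem security professionals often run into in the cloud is trying to apply traditional vulnerability management concepts to cloud workloads, especially ephemeral ones. Auto-scaling enables cloud instances to spin up and spin down, which means traditional scan windows could miss assets needing to be assessed. Service account credentials used for scanning are a major management headache in the cloud, and getting different teams to standardize on endpoint agents, or to use only images approved by the security team, can be a challenge. Necessity is the mother of invention, as they say, and, with Tenable Cloud Security Agentless Assessment, we set out to build a unique technology that overcomes these obstacles.
It's clear that removing obstacles that extend the time to discover and detect vulnerabilities, in general, has a significant impact on the amount of risk carried by an organization. Agentless Assessment is designed to empower security teams to gain complete visibility into their cloud configuration quickly and efficiently and to perform comprehensive vulnerability assessments, giving our customers a better opportunity to reduce risk faster.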
Agentless Assessment for AWS
Tenable Cloud Security Agentless Assessment for AWS enables cloud security teams to use the power of Nessus for vulnerability and misconfiguration assessments without the need to install scanners or agents, configure credentials on target hosts or set up scan policies. Using a proprietary approach, users can onboard their cloud accounts in minutes and then scan all assets for software vulnerabilities and cloud posture misconfigurations, with no impact on compute speed or cost. The speed at which we're able to collect data, coupled with our event-driven approach, dramatically improves Tenable's ability to ensure our customers are confident in the vulnerability information we're providing. In the process, we're helping cloud security teams and developers quickly identify security weaknesses and providing actionable recommendations on what should be done to fix them.
Furthermore, when a new vulnerability detection is published to our vulnerability research feed, Tenable Cloud Security allows security teams to identify potential vulnerabilities within their existing collected inventory without needing to execute a new scan. This near real-time detection and unique approach to vulnerability assessment enables users to reduce their mean time to remediate issues. As a result, the capability can give security teams the critical data they need to make informed decisions about how to prioritize remediation efforts.
Additional benefits of Tenable Cloud Security Agentless Assessment include:
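- Easy to deploy: Agentless Assessment is API-driven, so deployment requires only a single integration point: one read-only role that checks for both misconfigurations and vulnerabilities.
- Two-in-one solution: Scan for vulnerabilities and cloud infrastructure configuration with a single tool.
- Limited scan overhead: There are no agents to deploy or bake in, no scan templates, and no policies to define. Data simply flows into Tenable Cloud Security.
- Gold standard in vulnerability detection: The Tenable vulnerability and threat feeds, trusted by thousands of organizations around the globe, are utilized by Agentless Assessment.
- Continuous vulnerability assurance: When new vulnerabilities are identified and detections are created, Tenable Cloud Security immediately rescans and re-assesses all stored inventories against the most updated vulnerability feed.
- Secure: Scans are read-only; no write permissions are required.
- Flexibility: The tool lets users run continuous software-as-a-service (SaaS) event-driven scans, scheduled scans, or simply ad hoc manual scans.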
Additionally, Tenable Cloud Security Agentless Assessment makes it easy for cloud security teams to ensure AWS cloud workloads are configured correctly by providing pre-built policy templates for detecting risks in runtime, such as:
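- Identity-based (for example, over-privileged administrators)
- Insecure storage configuration or access activity (for example, wide-open and/or unencrypted Amazon Simple Storage [S3] buckets in AWS)
- Insecure instance creation and deletion
- Insecure network configuration and activity
- More to come…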
How to use Agentless Assessment for AWS
Step 1: Onboard all your AWS accounts in minutes.
Getting started is simple and quick. All you need are read-only and IAM Audit roles, easily deployed in a few steps for multi-account AWS environments. These will automatically deploy the needed role in all sub-accounts that are within scope. Tenable Cloud Security automatically creates snapshots of your virtual disks to scan, so there's no need to separately create storage snapshots. This video also shows how to create an optional auto-remediation role. All the JSON needed for these roles is provided.
Step 2: Launch an Agentless Assessment scan
With Agentless Assessment, there are no scan templates to configure, and because you've already deployed the role, there are no credentials to set up. Your workloads and AWS environment are automatically scanned as soon as you complete onboarding. Data simply flows into Tenable Cloud Security and vulnerabilities are presented within the unified findings workspace.
Step 3: Gain up-to-date, easily searchable visibility into all your cloud assets
As data flows into Tenable Cloud Security, users can leverage existing functionality to prioritize vulnerabilities for remediation. Users immediately have access to the contextualized threats, Toxic Combinations that show risks based on your environment and configurations, excessive permissions, and much more.
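What's next?
Existing Tenable customers can now get early access to Tenable Cloud Security Agentless Assessment for AWS. The new capability is scheduled for general availability at the end of September. In the fourth quarter, Tenable expects to release Agentless Assessment for Microsoft Azure and Google Cloud Platform (GCP), along with additional enhancements around container security.
Learn more
- Read the blog post: Introducing Tenable Cloud Security with Agentless Assessment and Live Results
- Attend the webinar: What's new in Tenable Cloud Security?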
- Visit the Tenable Cloud Security product page: https://www.tenable.com/products/tenable-cloud-security