
Tenable Blog


Cut Through the Marketing Hype: Determine Which Vulnerability Assessment Tool Is Right for Your Organization


Not all scanning solutions are created equal…

The vulnerability assessment market has changed dramatically over the past several years. A growing number of vendors who once provided scan tools that merely identified vulnerabilities across your network now enable you to proactively assess those vulnerabilities in terms of the risk they pose to your business.

And it doesn't stop at scanning vendors. Many vendors offering tools such as security information and event management (SIEM), endpoint detection and response (EDR) and managed detection and response (MDR) have added vulnerability assessment capabilities to their offerings as well.

The problem is, there's no one clear definition of what it means to assess and manage vulnerabilities. Not all vendors take a risk-based approach. And of those that do, there's certainly no universal agreement on the best way to quantify that risk, which leads to muddled attempts to effectively prioritize remediation efforts. As a result, many security professionals struggle to navigate the wide range of vendor offerings, and to separate the marketing hype from what will truly make them more efficient and effective.

When evaluating any of these products, it's essential to understand how each will help you prioritize the vulnerabilities that pose the greatest risk to your organization. Are they simply taking and repackaging Common Vulnerability Scoring System (CVSS) base scores, or are they adding context using a variety of sources? Do they use data science and machine learning to automate the process of analyzing vast amounts of security data to arrive at a conclusion? Do they take asset criticality into account — and if so, to what extent? The goal is to help you more efficiently manage cyber risk across your attack surface, so you want a solution that can help you get there.

To help you determine what to look for, there's a Gartner research report that we think you'll find valuable: Market Guide for Vulnerability Assessment.

As the report points out, Vulnerability Prioritization Technology (VPT) "saves significant time over trying to do this analysis manually. It also provides better insight and context because acting on these prioritized results will substantially reduce an organization's attack surface, with the least amount of time and the most efficient use of staff resources."

Of course, the vulnerability assessment solution itself isn't enough. You want it to integrate with other critical components of your security stack. When it integrates with your IT service management (ITSM), configuration management database (CMDB), ticketing and workflow management systems, and even your SIEM and security orchestration, automation, and response (SOAR) solutions, your entire security program can run far more efficiently and maximize your team's effectiveness.

And, finally, the vulnerability assessment solution you choose should be built to support new, emerging and even future technologies. Think of it this way: If your vulnerability assessment tool can only discover and assess physical, on-premises assets today, what use will it be moving forward? Even if you add visibility into cloud assets, you're still behind the curve when it comes to the most dynamic aspects of your network, including containers, web apps, and operational technology environments. You need the ability to expand your scanning program to future environments and asset types, as technology and business needs evolve.

According to the Gartner report, "prioritization by a VA vendor can be a good starting point for small and midsize clients using a homogeneous environment of a VA vendor for security testing. Also, buying an add-on product from the same vendor helps vendor consolidation, and sometimes cost, with less effort placed on new training and tool deployment. This is a key area of innovation that end users are strongly advised to seek out in their procurement cycles and prioritize in the future." We believe that Tenable's comprehensive family of solution offerings, including Tenable.ep, Tenable.io, Tenable Lumin, Tenable.ad and Tenable.ot, delivers the breadth of coverage you need to assess your entire attack surface, and the depth of vulnerability prioritization technology to help you reduce the greatest amount of risk with the least amount of resources.

We believe that the 2021 Gartner Market Guide for Vulnerability Assessment can help provide the information you need to make a more informed decision. 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

Gartner Market Guide for Vulnerability Assessment, Shilpi Handa, Craig Lawson, Mitchell Schneider, 25 June, 2021
