Facebook Google Plus Twitter LinkedIn YouTube RSS 菜单 搜索 资源——博客资源——在线研讨会资源——报告资源——事件icons_066 icons_067icons_068icons_069icons_070

现代新型网络攻击面

各种规模的企业都积极接纳数字化转型,以建立新的业务模式和生态系统,提供新的产品和服务,并在数字经济中更高效地运营。新的数字计算平台和发展转变如云、移动、SaaS 和 DevOps 等,使得在一天之内即可将概念变成实际能力。从公司会议系统到电网等所有类型的实体设备和系统,现在都已联网并可编程,为数字化转型创造了更大的机遇。

有些人说,这些数字技术是未来。但事实是,未来就在此时此地。到 2019 年,在企业中将部署超过 90 亿物联网 (IoT) 设备,超过 90% 的企业将在今天的云中运行应用程序。

POV 外部(首稿)

虽然数字化转型带来众多全新机遇,但也带来新的需要防御的网络攻击面。

而且其正在呈爆炸式发展。

Cyber Exposure风险

The tools and approaches organizations are using to understand cyber risk don’t even work in the old world of client/server, on-premises data centers and a linear software development lifecycle where there is less complexity and more control over security.现在,资产已不仅仅是一台笔记本电脑或服务器那么简单。它们是数字计算平台和资产的复杂组合,代表着您的现代攻击面,资产及其相应的漏洞风险就像活着的有机体,不断地延伸、收缩和演变。

Cyber Exposure Gap Graphic

这一弹性攻击面在企业于任何特定时间真正了解自身Cyber Exposure的能力中造成了巨大缺口。我们称之为Cyber Exposure风险。

一些企业试图通过几种方法消除Cyber Exposure风险

锁形图标

Throw 100s of security tools at the problem to protect from the ‘threat of the week’, creating siloed visibility, management overhead and reactive firefighting.

CMDB 图标

Rely on a CMDB to get visibility into asset configuration, but 85 percent of these projects fail in part due to stale data and they weren’t built to discover and map today’s modern assets.

警告图标

Take a ‘scan the network’ approach to identify vulnerabilities.While this is foundational to understanding your cyber exposure gap, the old “one size fits all” techniques and tools haven’t adapted for the modern attack surface.

没有人能够针对新型攻击提供弥补Cyber Exposure所需的安全可视和专注性。

直到现在,情况才得到改观。

欢迎来到现代Cyber Exposure的时代

Cyber Exposure is an emerging discipline for managing and measuring cybersecurity risk in the digital era.Cyber Exposure transforms security from static and siloed visibility into cyber risk to dynamic and holistic visibility across the modern attack surface.Cyber Exposure translates raw vulnerability data into business insights to help security teams prioritize and focus remediation based on business risk.Cyber Exposure provides executives and boards of directors with a way to objectively measure cyber risk to help guide strategic decision making.Just as other functions have a system of record - including ITSM for IT and CRM for Sales - Cyber Exposure solutions will provide Security with a system of record to help them effectively manage and measure cyber risk.

Cyber Exposure builds on the roots of Vulnerability Management, designed for traditional assets such as IT endpoints and on-premises infrastructure, moving from identifying bugs and misconfigurations and expanding to the following:

Live discovery of any digital asset across any computing environment

持续安全可视,了解在哪些地方资产是安全的,或有暴露风险,以及暴露的程度

Prioritization of remediation based on business risk

Benchmarking of cyber exposure compared to industry peers and best in class organizations

Measurement of Cyber Exposure as a key risk metric for strategic decision support

Addressing the full
Cyber Exposure生命周期

发现

Identify and map every asset across any computing environment

评估

Understand the cyber exposure of all assets, including vulnerabilities, misconfigurations and other security health indicators

分析

Understand exposures in context, to prioritize remediation based on asset criticality, threat context and vulnerability severity

修复

Prioritize which exposures to fix first, if at all, and apply the appropriate remediation technique

衡量

Measure and benchmark cyber exposure to make better business and technology decisions

所有企业,不论大小,
will be able to confidently answer four questions at all times:

1
我们有哪些方面暴露于风险之下?
2
我们应当根据风险优先处理哪些方面?
3
Are we reducing our exposure over time?
4
How do we compare to our peers?

Learn more about Tenable.io Lumin, the new Tenable solution that for the first time empowers CISOs to confidently visualize, analyze and measure cyber risk.With the industry's first Cyber Exposure command center, Tenable is arming CISOs to quantify and benchmark their Cyber Exposure.

了解更多

如果您在日益扩大的Cyber Exposure风险中盲目飞行……
……这绝不是 Tenable 的风格。

加入行动。

Tenable 奠基于创新。我们以 Nessus 起步,开发出世界上部署最广泛的漏洞风险评估解决方案。有力且灵活地适应当今现代资产的独特需求。现在,通过 Tenable.io,我们已提供世界上首个Cyber Exposure平台,对任何计算平台中的任何资产提供安全可视。而且,我们才刚刚启程……

探索我们的产品 阅读博客文章

免费试用 立即购买

试用 Tenable.io 漏洞管理

可免费试用 60 天

享受现代、基于云的漏洞风险管理平台的完整权限,可让您以无与伦比的精确度查看和跟踪所有资产。立即注册并在 60 秒钟内运行第一次扫描。

购买 Tenable.io 漏洞管理

享受现代、基于云的漏洞风险管理平台的完整权限,可让您以无与伦比的精确度查看和跟踪所有资产。现在就购买年度订阅。

65资产

免费试用 Nessus 专业版

可免费试用 7 天

Nessus® 是当今市面上最全面的漏洞风险扫描工具。Nessus Professional 可帮助自动化漏洞风险扫描过程,节省合规周期的时间,并可让您提升 IT 团队敬业度。