Welcome to Tenable Cloud Security

Last updated: June 08, 2023

Tenable Cloud Security (formerly known as Tenable.cs) is designed to scan short-lived and long-lived multi-cloud instances and the infrastructure-as-code (IaC) you use to provision them. Tenable Cloud Security displays the vulnerabilities, misconfigurations, policy violations, breach paths, configuration drift, and remediation steps in unified dashboards that all DevSecOps teams can use.

How Tenable Cloud Security Works

Tenable Cloud Security connects to your cloud providers to scan your assets. Tenable Cloud Security scans your cloud for security risks and compliance violations without installing any agents into your runtime infrastructure. It also monitors the infrastructure deployments across AWS, Microsoft Azure, and GCP to alert any changes in production that can introduce cloud posture drift.

Connections to code repositories allow you to scan provisioning code and runtimes together.

The key features of Tenable Cloud Security are:

  • Agentless AssessmentTenable Cloud Security scans AWS workloads for security risks, compliance violations, and configuration drift without installing any agents into your runtime infrastructure. It securely scans your instance resources inside your own environment. For more information, see Agentless Assessment.

  • Cloud Security Posture Management (CSPM)Tenable Cloud Security continuously monitors cloud infrastructure for vulnerabilities, policy gaps, and configuration problems. For more information, see Connect Cloud Accounts.

  • Code scanningTenable Cloud Security scans Terraform and other code used to provision cloud systems on developers’ machines before it is checked in to code repositories (GitHub, Bitbucket, GitLab) or in the code repositories themselves. For more information, see Connect Repositories.

  • CI/CD integrationTenable Cloud Security integrates with Jenkins, Jira, and other CI/CD tools to monitor builds and prevent misconfigurations before code is built or deployed. For more information, see Configure CI/CD Integrations.

  • Tenable Vulnerability Management integrationTenable Cloud Security sends the scan data to Tenable Vulnerability Management to display the results on the reporting and remediation dashboards of Tenable Vulnerability Management. For more information, see Findings in Tenable Vulnerability Management.

For more information about using Tenable Cloud Security, see Getting Started with Tenable Cloud Security.

Note: Tenable Cloud Security can be purchased alone or as part of the Tenable One package. For more information, see Tenable One.

Tenable One Exposure Management Platform

Tenable One is an Exposure Management Platform to help organizations gain visibility across the modern attack surface, focus efforts to prevent likely attacks and accurately communicate cyber risk to support optimal business performance.

The platform combines the broadest vulnerability coverage spanning IT assets, cloud resources, containers, web apps and identity systems, builds on the speed and breadth of vulnerability coverage from Tenable Research and adds comprehensive analytics to prioritize actions and communicate cyber risk. Tenable One allows organizations to:

  •     Gain comprehensive visibility across the modern attack surface
  •     Anticipate threats and prioritize efforts to prevent attacks
  •     Communicate cyber risk to make better decisions

Tenable Cloud Security exists as a standalone product, or can be purchased as part of the Tenable One Exposure Management platform.

Tip: For additional information on getting started with Tenable One products, check out the Tenable One Deployment Guide.

For an overview of Tenable One, see the following video: