How Tenable Can Help

Clicking on malware designed to deceive users, either inside of an email or on a malicious website, is a very common and successful method of attack. This method is best cured with a solid cybersecurity awareness program. Awareness Training is an invaluable tool in educating users on best practices; in particular on how to identify phishing emails, how to avoid browser plugins, extensions, and keeping applications up-to-date. All of which reduce the likelihood of this type of attack being successful.

Knowing what email and web browser applications are installed, as well as their plugins is critical to protecting your organizations. Another common attack path is via unpatched applications. Email clients and web browsers which are unpatched, may contain vulnerabilities that allow a compromised user’s device to be vulnerable to a number of attacks. In regard to web browsers, malicious or poorly coded extensions may allow attackers to gain unauthorized access to sensitive information, or inject malicious code.

To mitigate these vulnerabilities, users and organizations should practice safe email and web browsing habits, keep software up-to-date, and utilize anti-virus and anti-phishing software, and only install approved applications and plugins. Tenable can assist organizations to reduce these threats by minimizing the attack surface associated with web browsers and email systems.

Tenable leverages a variety of products within our portfolio to effectively manage and prioritize business exposure across the entire attack surface. Exposure management is a set of processes and technologies that assess the accessibility, exploitability, and criticality of digital assets across the modern attack surface. Exposure Management is the natural evolution of existing vulnerability management programs, elevating factors like likelihood of attack, human and machine permissions, viability of attack paths, and potential business impact. Cyber Exposure Studies help organizations build a path which focuses on the products and methods that best assist organizations with a specific goal in mind.