CRN Exclusive: Tenable Unveils New Partner Program To Help Customers Bridge Their 'Cyber Exposure' Gap
Tenable on Tuesday launched its Cyber Exposure partner ecosystem, which the company hopes will help customers secure the disparate tools across their ecosystem and build more resilient cybersecurity programs.
The Columbia, Md.-based company hopes to roll out a series of enhanced technology integrations to help organizations better manage and reduce risk as they take on more new technologies like cloud computing, the Internet of Things, and connected operational technology.
"We’re trying to help customers deal with the cyber exposure gap … the idea here is that security industry needs to keep up with the IT industry and in some cases, operational technology,’ Ray Komar, vice president of tech alliances of Tenable, told CRN. "As companies continue to modernize their IT stack, the attack surface has changed to encompass technology like OT, cloud and containers. The challenge with that is that legacy tools and approaches haven’t kept pace … we want to power a legitimate cyber exposure approach to market."
[Related: Tenable Launches New Channel Program To Help Partners Drive Sales Around Cloud, IoT Security]
As part of its Cyber Exposure partner ecosystem, Tenable is partnering with seven "best-of-breed" companies from cloud computing firms, to other security companies, to integrate their platforms so that customers can build out a better security platform.
These companies – which include ServiceNow, AWS, Splunk, McAfee, CyberArk, ForeScout and InfoBlox – will complement all four of what Tenable calls the cyber exposure lifecycle: the asset discovery phase, the assess phase, the analyze phase, and the fix phase, said Komar.
"With the solution set we have today, we’ve made a realistic assessment that we can contribute to part of the [cyber exposure] lifecycle … but the partners each have their support for different parts of the lifecycle," he said. "We’re redesigning our existing relationships with partners to help power all parts of the cyber exposure lifecycle."
For instance, companies like ServiceNow will complement Tenable with its capabilities around analyzing and assessments, while McAfee can help with the "fix" phase of the cyber exposure lifecycle.
ServiceNow, a Santa Clara, Calif.-based cloud computing company, offers the assess and analyze capabilities, so the company’s partnership will enable customers to automatically sync IT asset data from the ServiceNow Security Operations platform with Tenable’s technology to better discover and assess assets.
’Our security operations offering revolves around vulnerability response … we’re partnering with folks like Tenable to ingest the information from their vulnerability scans, and take that data to marry it with ours to see which vulnerabilities should be addressed first,’ Piero DePaoli, senior director of product marketing for ServiceNow’s security business, told CRN.
Tenable's Nessus platform serves as a monitor analyzing network traffic to provide visibility into managed and unmanaged assets on the network.
The company began targeting industrial IoT applications, saying in June that it has incorporated its Nessus Network Monitor with new container and web application security products, to enable vulnerability management of operational technology assets.
The Cyber Exposure program will be folded into Tenable’s Assure partner program, which the security company launched in August as a way to equip partners with the marketing, training and deal registration ammunition they need to drive new business in the security landscape.
Solution providers and managed services partners, for their part, will also benefit from the new Cyber Exposure integrated solutions as they will have an opportunities to "drive additional value on the technical side," said Komar.
"A solution provider might be a Splunk, ServiceNow and Tenable partner … this will allow them to put a cohesive offering in front of a customer and wrap higher margin dollars around that solution," he said.
Moving forward, Komar said "this isn’t a one and done scenario," and the company hopes the news represents a commitment to continue partnering moving forward to create an effective cyber exposure lifecycle solution.
"At the highest level, the goal is to decrease the cyber exposure gap," said Komar. "At the end of the day, it’s an effective approach to fixing the root cause of these security issues. To date, the industry hasn’t made it easy to do that, and Tenable hopes to make it easier for customers to secure their workplaces at all levels."