Web Application Scanning On-Prem Now Available

Earlier this year, we introduced Tenable.io on-prem, an on-prem deployment option for our Cyber Exposure platform. While Tenable.io is first and foremost a cloud-delivered platform, Tenable.io on-prem is the right platform for organizations who have strict requirements to keep their security and compliance data locally within their organization’s boundary.

Customer choice and flexibility are important to us, which is why we’ve worked hard to ensure that our on-prem customers get many of the same great capabilities that our cloud customers have come to love. This includes: Nessus sensors for active and agent-based scanning and passive network monitoring, an API and SDK for those who want to automate the sharing of Tenable.io capabilities and vulnerability data, the same user-friendly UI and now Web Application Scanning.

We’re very excited to launch Web Application Scanning on-prem and meet this critical need for our on-prem customers. Web Application Scanning on-prem works with Tenable.io on-prem and ensures on-prem scanning of web applications, allowing data to be kept locally, on a customer’s premises.

Why do you need Web App Scanning?

Why do you need Web App Scanning? Well, it’s no secret that lack of web application security can kill companies. Take Equifax, for example. We’re all familiar with this breach. And many of us were affected by it. It originated from unpatched vulnerabilities in the Apache Struts web application.

The reality is Equifax isn’t alone in their poor cyber hygiene: the average time it takes to remediate high-risk and critical web application vulnerabilities is measured in months, not days or even weeks. Taking it a step further, the amount of vulnerabilities in web applications is staggering, with TechRepublic reporting that 99.7% of web apps have at least one vulnerability.

And organizations often have hundreds – or thousands – of web applications. The sheer prevalence of vulnerabilities makes this attack vector attractive to adversaries. And the potential impact web app attacks could have on your company makes this blind spot an essential one to secure. We can help.

Tenable Web App Scanning is available in the cloud or on-prem. Benefits include:

• Comprehensive vulnerability scanning for modern web applications
• Accurate vulnerability coverage to minimize false positives and negatives
• Safe scanning with the capability to define parts of critical web applications that are safe to scan and define other parts that should never be scanned, to prevent performance latency and disruptions
• Highly automated scans with the capability to easily define frequency and timing parameters for continuous testing
• Unified view of all your vulnerabilities in one place to eliminate gaps and inconsistencies that come with managing multiple, siloed solutions
• Complete understanding of the sitemap and layout of your web apps to see and assess your web apps globally
• Flexible deployment: Available in the cloud or on-prem for organizations that need the ability to keep web application scanning data locally

Learn more about Web Application Scanning

• Visit the Web Application Scanning webpage
• Contact us to see how Tenable can help you prevent web app attacks