Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Trust and Assurance Keeping your data secure is our top priority.

Security is core to our corporate ethos. Our products are designed to protect the confidentiality, integrity and availability of all of your data.

Get the Data Sheet
Trust and Assurance

Trust Tenable with Your Data Security and Privacy

Our products protect your privacy and give you control over your data. Built on a safe, secure and compliant cloud, thousands of customers trust Tenable with their vulnerability data.

Data Security

Tenable is committed to protecting the confidentiality, integrity and availability of all of your data. Tenable.io data is encrypted in transit and stored using modern ciphers and methods recommended by security industry and standards organizations. Multiple network controls, access controls and container isolation ensure that security is built into every aspect of our products to protect your data.

Data Security

Encryption

Tenable.io data is encrypted in transit and storage using TLS Encryption ciphers and AES-256. Encryption is applied to various application infrastructure layers with highly restricted access to securely stored encryption keys.

Access Controls

Tenable uses many mechanisms to help you control data access, including account lockout after 5 failed login attempts, SAML and two-factor authentication. Access can also be controlled via API keys.

Network Controls

The Tenable cloud platform is built on isolated, private networks and uses multiple network controls such as container isolation, inbound/internal traffic restrictions, monitoring of traffic rates, sources and types at multiple network points.

Regular Security Assessments

Tenable performs frequent vulnerability, docker container and web applications scans in addition to leveraging the Tenable Research team and third parties to conduct periodic security assessments.

Data Privacy

One of our top priorities is ensuring only you can access your data and preventing any noncustomers or bad actors from accessing, disclosing or violating the privacy and protection of data stored in the Tenable cloud platform. PII data is anonymized via a one way salted hash using SHA-256. Further, using multiple data access controls and data localization our products are built to protect your data and help you meet privacy obligations.

Data Privacy

Data Anonymization

The Tenable cloud does not collect scan or PII data. Any potentially identifying customer data is anonymized before ingestion via a one-way salted hash using SHA-256.

Data Access

Tenable uses a number of data access controls including account lockout, two-factor authentication and SAML. Access to anonymized data is restricted to the Tenable Research team only, and is controlled through a central directory system.

Data Localization

Collection and processing of customer scan data occurs within a customers geographic region. Results are anonymized and only then are aggregated with similar data in our analytics platform.

Certifications and Assurance

With multiple certifications including ISO 27001, NIAP and Privacy Shield Framework, Tenable products help you navigate your compliance and ensure powerful security assurance in the cloud. Tenable is also a member of the CSA STAR program.

Certifications and Assurance
FedRAMP

FedRAMP

Tenable.io and Tenable.io Web App Scanning (WAS) received FedRAMP Authorization to Operate (ATO) in 2021, demonstrating our commitment to cloud security and compliance.

StateRAMP

StateRAMP

Tenable.io is StateRAMP Authorized, demonstrating our commitment to the security of State and Local Government agencies.

Cloud Security Alliance (CSA) STAR

Tenable is a member of the CSA STAR program. CSA STAR is the industry's most powerful program for security assurance in the cloud. To view the security controls for Tenable.io, visit the CSA website.

Privacy Shield Framework

Tenable is Privacy Shield Framework certified and complies with all data protection requirements when transferring personal data from the European Union and Switzerland to the United States.

ISO 27001

Tenable’s ISO/IEC 27001:2013 certification covers the ISMS supporting Tenable’s legal areas, human resources, information technology, software development, executive leadership, and customer support functions. Details are publicly available in the Schellman Certificate Directory.

National Information Assurance Program

Tenable has NIAP certifications for Tenable.sc, Nessus Manager, Log Correlation Engine (LCE), Nessus Network Monitor and Nessus Agent products.

Service Availability

Tenable has the industry’s first uptime guarantee of 99.95% to ensure your service is always on. Tenable implements and enforces measures to ensure that Tenable services are highly available, guarded against attacks or simple faults and outages and always usable.

Service Availability

Guaranteed Uptime

Tenable has an uptime guarantee of 99.95% through a robust SLA, with service credits offered if the SLA is not met.

High Availability

Tenables uses the AWS platform and other leading technologies to ensure high availability. Using fault tolerant and redundant components, Tenable ensures you get the best possible service with minimal downtime.

Secure Software Development

Tenable has a dedicated team to drive the Secure Software Development Lifecycle (SSDLC). Leveraging automated security testing they identify potential vulnerabilities within source code, dependencies, and underlying infrastructure to ensure we ship secure, high-quality products at pace.

Secure Software Development

Governance

Tenable’s SSDLC team ensures adherence to security controls in our processes and uses automated Security Testing to identify potential vulnerabilities. All tests must meet a strict scoring criteria before products are released.

Static Application Security Testing (SAST)

Tenable analyzes the application source code for bugs, tech-debt and vulnerabilities to ensure security and quality of our products.

Dependency and Third-Party Library Scanning

Tenable analyzes project dependencies to determine vulnerabilities and licensing issues.

Dynamic Application Security Testing (DAST)

Tenable regularly runs automated web application scans against our products to discover bugs, exploits and vulnerabilities early in the development process.

Container Security

Vulnerability assessments are performed on all container images to detect any vulnerable software running on a given container. Strict scoring requirements prevent the shipment of vulnerable containers until all issues have been resolved.

Code Standards and Role-Based Access Control

Tenable's baseline source code control standards align to certification requirements and industry best practices. Standards include: peer code reviews, role-based access control, least privilege, code and repository ownership, segregation of duties- and more.

​ ​

취약성 관리

As a leading provider of vulnerability management solutions, Tenable leverages its platforms to perform internal scans and analyze vulnerabilities on laptops, infrastructure and cloud environments.

Secure Software Development

Featured products

FAQ

How does Tenable protect my data?
Which customer data does Tenable.io manage?
Which customer asset and vulnerability data does Tenable.io manage?
Does Tenable analyze or use customer data?
Can customers opt out of health and status data collection?
Which usage data does Tenable.io collect?
Can users opt out of usage data collection?
Where is customer data stored?
Can a customer force data to remain in a specific location/country?
How is customer data protected within Tenable.io?
How does Tenable perform secure development?
Which customer application security is available?
How is data encrypted?
Can customers upload their own keys?
Has Tenable achieved any privacy or security certifications, such as Privacy Shield or CSA STAR?
How does Tenable protect Personally Identifiable Information (PII)?
Is customer data separated?
Which security controls protect Tenable.io?
How are Tenable.io sensors secured?
How is Tenable.io availability managed?
Where is data replicated?
Which disaster recovery capabilities are in place?
Who can access customer data?
How are user roles and permissions managed?
Can Tenable staff access customer data?
Who can use the impersonate function?
Does the data leave the country when Tenable is troubleshooting a technical issue?
Will Tenable support staff have access to a customer’s internal network?
What is the Tenable.io Data Retention Policy?
How long is active scan data retained?
If a customer discontinues the Tenable.io service, how long is data retained?
How long is PCI-related data retained?
How long is Tenable.io usage data retained?
Does Tenable.io have Common Criteria certification?

Tenable
실제 작동 보기

“저희는 모든 솔루션을 심도 있게 조사했습니다. 그 결과, Tenable이 확실한 선택이었습니다.” Matt Ramberg, Sanmina의 정보 보안 담당 부사장
tenable.io

비교할 수 없는 정확도로 모든 자산을 확인하고 추적할 수 있는 최신 클라우드 기반 취약성 관리 플랫폼 전체에 액세스하십시오.

tenable.io 구매

비교할 수 없는 정확도로 모든 자산을 확인하고 추적할 수 있는 최신 클라우드 기반 취약성 관리 플랫폼 전체에 액세스하십시오. 지금 연간 구독을 구매하십시오.

65 자산

구독 옵션 선택:

지금 구매

Nessus Professional 무료로 사용해 보기

7일간 무료

Nessus®는 오늘날 시장에서 가장 포괄적인 취약성 스캐너입니다. Nessus Professional은 취약성 스캔 프로세스를 자동화하고 컴플라이언스 주기에서 시간을 절약하고 IT 팀이 참여할 수 있도록 합니다.

Nessus Professional 구매

Nessus®는 오늘날 시장에서 가장 포괄적인 취약성 스캐너입니다. Nessus Professional은 취약성 스캔 프로세스를 자동화하고 컴플라이언스 주기에서 시간을 절약하고 IT 팀이 참여할 수 있도록 합니다.

여러 해 라이선스를 구매하여 절감하십시오. 연중무휴 전화, 커뮤니티 및 채팅 지원에 액세스하려면 Advanced 지원을 추가하십시오.

라이선스 선택

여러 해 라이선스를 구매하여 절감하십시오.

지원 및 교육 추가

Tenable.io

비교할 수 없는 정확도로 모든 자산을 확인하고 추적할 수 있는 최신 클라우드 기반 취약성 관리 플랫폼 전체에 액세스하십시오.

Tenable.io 구매

비교할 수 없는 정확도로 모든 자산을 확인하고 추적할 수 있는 최신 클라우드 기반 취약성 관리 플랫폼 전체에 액세스하십시오. 지금 연간 구독을 구매하십시오.

65 자산

구독 옵션 선택:

지금 구매

Tenable.io Web Application Scanning 사용해 보기

Tenable.io 플랫폼의 일부로 최신 애플리케이션을 위해 설계된 최신 웹 애플리케이션 스캐닝 서비스에 대한 전체 액세스 권한을 누리십시오. 많은 수작업이나 중요한 웹 애플리케이션 중단 없이, 높은 정확도로 전체 온라인 포트폴리오의 취약성을 안전하게 스캔합니다. 지금 등록하십시오.

Tenable.io Web Application Scanning 구매

비교할 수 없는 정확도로 모든 자산을 확인하고 추적할 수 있는 최신 클라우드 기반 취약성 관리 플랫폼 전체에 액세스하십시오. 지금 연간 구독을 구매하십시오.

5 FQDN

$3,578

지금 구매

Tenable.io Container Security 사용해 보기

취약성 관리 플랫폼에 통합된 유일한 컨테이너 보안 서비스에 대한 전체 액세스 권한을 누리십시오. 컨테이너 이미지에서 취약성, 맬웨어 및 정책 위반을 모니터링합니다. 지속적 통합 및 지속적 배포(CI/CD) 시스템과 통합하여 DevOps 실무를 지원하고 보안을 강화하고 기업 정책 컴플라이언스를 지원합니다.

Tenable.io Container Security 구매

Tenable.io Container Security는 빌드 프로세스와의 통합을 통해 취약성, 맬웨어, 정책 위반 등 컨테이너 이미지의 보안에 대한 가시성을 제공하여 DevOps 프로세스를 원활하고 안전하게 지원합니다.

Tenable Lumin 사용해 보기

Tenable Lumin을 사용하여 Cyber Exposure를 시각화 및 탐색하고 시간 경과에 따른 위험 감소를 추적하고 유사한 조직을 벤치마크하십시오.

Tenable Lumin 구매

조직 전체에서 인사이트를 얻고 사이버 위험을 관리하는 데 Lumin이 어떻게 도움이 되는지 알아보려면 영업 담당자에게 문의하십시오.

Tenable.cs 사용해 보기

클라우드 인프라 구성 오류를 탐지 및 수정하고 런타임 취약성을 볼 수 있는 전체 액세스 권한의 이점을 누리십시오. 지금 무료 평가판에 등록하십시오.

영업 담당자에게 연락하여 Tenable.cs 구매

영업 담당자에게 연락하여 Tenable.cs 클라우드 보안에 대해 자세히 알아보고, 클라우드 계정을 온보딩하는 것이 얼마나 쉬운지 확인하고, 몇 분 내에 클라우드 구성 오류와 취약성에 대한 가시성을 얻으십시오.

Nessus Expert 무료로 사용해 보기

7일간 무료

최신 공격 표면을 방어하기 위해 구축된 Nessus Expert를 사용하면 IT부터 클라우드까지, 더 많은 것을 모니터링하고 조직을 취약성으로부터 보호할 수 있습니다.

Nessus Professional이 이미 있습니까?
7일간 Nessus Expert로 무료 업그레이드하십시오.

Nessus Expert 구매

최신 공격 표면을 방어하기 위해 구축된 Nessus Expert를 사용하면 IT부터 클라우드까지, 더 많은 것을 모니터링하고 조직을 취약성으로부터 보호할 수 있습니다.

라이선스 선택

프로모션 가격은 9월 30일에 종료됩니다.
여러 해 라이선스를 구매하여 비용을 더 절감하십시오.

지원 추가