Breakthrough in vulnerability management enables organizations to focus on the three percent of vulnerabilities that have been or will likely be exploited in the next 28 days
Tenable®, Inc., the Cyber Exposure company, announced the general availability of Predictive Prioritization, a first-of-its-kind offering that will change how organizations tackle vulnerabilities. Predictive Prioritization enables organizations to reduce business risk by focusing on the three percent of vulnerabilities with the greatest likelihood of being exploited in the next 28 days. This game-changing capability is generally available within the company’s on-premises vulnerability management offering — Tenable.sc™ (formerly SecurityCenter) — which is a core component of the Tenable Cyber Exposure platform.
Effectively prioritizing vulnerabilities is fundamental to cybersecurity. Yet, knowing where an organization is most exposed to threats is increasingly daunting given the volume of vulnerabilities. According to the National Vulnerability Database, there were 16,500 new vulnerabilities disclosed in 2018 alone, of which only a small fraction was actively weaponized for cyberattacks. This deluge of vulnerabilities, combined with the inability to identify those that pose an actual threat to the business, leaves organizations unable to effectively measure, manage and reduce their risk.
Predictive Prioritization addresses this massive problem. It analyzes Tenable vulnerability data combined with third-party vulnerability data and threat intelligence across 150 data sources using a proprietary machine learning algorithm to predict the likelihood a vulnerability will be exploited in the next 28 days. For the first time, organizations will be able to evolve their vulnerability remediation efforts from reactive to predictive by focusing on the three percent of issues that could and likely will be exploited. This threat-centric model is such a critical component of modern vulnerability management that Tenable has made Predictive Prioritization a core feature of its vulnerability management platform offerings.
“Predictive Prioritization is a massive innovation in vulnerability management. It will change the way companies run their vulnerability management programs by giving them a new level of insight on where to focus based on threats to the business,” said Renaud Deraison, co-founder and chief technology officer (CTO). “Predictive Prioritization is unprecedented in the vulnerability management market and will help organizations answer foundational questions about where they’re exposed and what vulnerabilities to prioritize for remediation based on the threat landscape — two questions that are critical for achieving Cyber Exposure.”
Predictive Prioritization is generally available in Tenable.sc 5.9, for on-premises vulnerability management. Predictive Prioritization will be generally available in Tenable.io®, for cloud-based vulnerability management, later in 2019.