The task of users identifying potential vulnerabilities on their Amazon Machine Images when using Amazon Web Services should become a good deal easier now that Tenable Network Security has joined the AWS Marketplace.
Tenable is already used by more than 20,000 organisations including, according to the company, the entire U.S. Department of Defense to provide on-demand vulnerability scanning.
Joining the Marketplace will allow AWS customers access to Tenable’s Nessus scanning service so they scan, audit, and monitor software vulnerabilities on all of their Amazon Machine Images (AMI). The collaboration between Tenable and AWS provides added security through strong vulnerability, configuration and patch assessment for enterprise customers looking to build, operate or maintain their applications in the AWS cloud.
“AWS provides our company with a secure, scalable cloud infrastructure, but we needed to ensure that our AWS image is securely developed and maintained. Nessus provides us that peace of mind.”
With AWS’ shared responsibility security model, the company guarantees that its underlying cloud infrastructure is secure, reliable and flexible, and customers take responsibility for the security of their own AMI virtual appliance (guest OS and application). But adding Tenable’s Nessus vulnerability scanner provides them with the ability to secure the AMI virtual appliance throughout the software development, deployment and production lifecycle.
During development it will scan the AMI after each software build to ensure secure coding. During staging it will scan AMI before deploying into production, where it the monitors the AMI in a live AWS environment for the latest software threats and vulnerabilities.
Equipped with plugins/checks specifically designed to detect vulnerabilities within AMIs, Nessus securely transmits scan results back to the Tenable SecurityCenter management console for analysis alongside on-premises scan results. With this integration, Tenable customers can be assured that critical IT applications are secure whether hosted on premises or in the AWS cloud.
Available now as a Nessus Virtual Scanner Appliance within the AWS Marketplace, Tenable users can roll out new Nessus AMI instances under the company’s BYOL (Bring Your Own License) model.
