Network security company Tenable Inc. today announced the addition of Nessus Expert to its portfolio of vulnerability assessment solutions.

The service is designed to give security consultants, penetration testers and security practitioners extended external capabilities and expanded visibility into cloud-native environments.

Nessus Expert is claimed to be the first service to address managing external assets and cloud configurations head-on. Tenable argues that most enterprises lack good accounting of their external footprint, which is easily exploitable by cybercriminals and other threat actors. The company also says that as organizations are leveraging public clouds, they frequently deploy cloud security solutions too late in their development cycle.

Tenable says that the best way to gain maximum advantage from the cloud is for organizations to begin with infrastructure-as-code or IaC security, catching misconfigurations and software vulnerabilities before anything is ever deployed. This is where Nessus Expert steps in.

The service applies a smarter and simplified approach to DevSecOps, an approach to information technology security that’s shared by development, security and operations staff. The goal is to enable users to understand external attack surfaces that could be exposed to threat actors and to assess IaC for vulnerabilities before runtime. The service is equipped with external attack surface discovery and IaC security analysis, providing pen testers, consultants, small to medium-sized enterprises and developers what the company says is a competitive edge with their expanded risk assessment capabilities.

Key new capabilities in Nessus Expert include external attack surface discovery to discover internet-facing assets in domains and subdomains associated with an organization. IaC scanning in the new release establishes guardrails in automated GitOps, an operational framework that leverages DevOps best practices used for application development. It also provides for continuous integration and continuous deployment or CI/CD processes that ensure secure deployments with minimal effort, using up to 500 pre-built policies.

“We’ve enhanced capabilities to address cloud instances that are constantly updating and connecting to various sources,” Glen Pendley, chief technology officer at Tenable, said in a statement. “Nessus Expert delivers modern vulnerability assessment capabilities that cover everything from internal and external assets to code and cloud configurations before anything is ever deployed. This is a game-changer for both assessing DevSecOps and infrastructure security.”

Photo: Ordercrazy/Wikimedia Commons