With its consent to purchase Vulcan Cyber, Tenable is poised to close substantial gaps in its coverage management platform.
Tenable introduced the Feasible One Exposure Management Platform in 2022, claiming to be the first vendor to increase publicity management to its risk management platform. Tenable’s publicity management, however, was unable to integrate telemetry with another vendor IT and security tools. This is where Vulcan Cyber’s contact management offering, which can connect with more than 100 third-party protection tools, can make a difference for Feasible.
According to Feasible top VP of items Jason Merrick,” This will provide organizations the ability to include insights across the assault surface, not just what you point at Feasible but also that third-party data.” In the end, “our goal here is to assist organizations as they transition from contact management to vulnerability management, and finally gain that context in which to make better decisions.”
Vulnerability Management Added to Vulnerability Management
Unlike risk management offerings that are designed to learn, evaluate, promote, and alleviate threats in IT assets, contact management considers an organization’s cybersecurity posture and performs risk assessment.
Additionally, some Tenable rivals include publicity management in their product portfolios. For example, CrowdStrike added <a class="ContentText-BodyTextChunk ContentText-BodyTextChunk_link" target="_blank" href="https://www.crowdstrike.com/en-us/press-releases/crowdstrike-unveils-new-innovations-to-drive-platform-consolidation/”>Exposure Management to its Falcon XDR app in 2023, and Microsoft just added contact management to Microsoft Defender, which somewhat includes third-party connectors. Tenable also made its Vulcan Cyber plans known, and CYE, a provider of exposure management platforms, <a class="ContentText-BodyTextChunk ContentText-BodyTextChunk_link" target="_self" href="https://www.darkreading.com/cloud-security/exposure-management-provider-cye-acquires-solvo”>acquired Solvo.
Vulcan Cyber, according to omdia analyst Andrew Braunberg, hopes Tenable One will include the features its rivals are currently touting.
Tenable has been talking about exposure management for as long as anyone, but it still frequently has the vibe of an outdated vulnerability management company, according to Braunberg. ” Vulcan has always seen exposure management as the direction the market was headed, and has taken an impressively open approach to bringing in asset and exposure data and working broadly to support remediation, orchestration, and automation.”
Tenable’s Merrick acknowledges that Microsoft’s licensing model with its M365 E3 and E5 plans give Microsoft an advantage.
” They can throw a lot of free stuff at this, and there are many organizations that are Microsoft-only shops”, he says. ” CrowdStrike, too, is growing and expanding. But I also think that this is an opportunity for Tenable to differentiate, to continue being that source of truth, to provide better analytic capability, and to tie these things together. Because at the end of the day, this forces us, from a product standpoint, to continue to innovate and deliver new capabilities”.
According to Merrick, organizations are only beginning to put a focus on vulnerability management in addition to exposure management.
” I think we’re in the first inning of exposure management”, he says. ” More and more, organizations are starting to talk about this”.
The deal, announced on Wednesday, calls for Tenable to pay$ 147 million in cash and$ 3 million in restricted stock to Vulcan Cyber. The company anticipates that the deal will close this quarter, but Merrick is unable to discuss specific integration plans before the deal is closed. However, the 100+ connectors to third-party systems provided a significant boost to the deal.
He claims that” we have always been thinking about integrating third-party data into our exposure management platform like we have done with our vulnerability management solution.” ” We’ve already designed the data model to accept and integrate third-party data,” says the statement. So we want to be able to go and fast-track that. This will be our main focus in 2025 once we’ve come to a close.