Putting the Cloud to Work in Vulnerability Management

BrandPostBy Diane Garey
Sep 29, 2015

tenable image 5

Achieving cost efficiencies often plays a key role in helping an organization decide to go with a cloud-based solution rather than an on-premises one. However, when it comes to potential benefits for a cloud-based vulnerability management (VM) solution, cost savings are really just the start.

Like other cloud applications, when the organization embraces a cloud-based VM solution, its security professionals are able to focus more intently on vulnerability management rather than devoting time to building and maintaining one more in-house server to run that application. More importantly though, with a cloud configuration the vulnerability management software is continuously updated, rather than requiring in-house staff to implement patches and updates. When new vulnerabilities are discovered and addressed by the provider, they can be immediately distributed so your organization is protected without delays.

There are also some interesting advantages for the organization when its solution provider leverages a highly scalable and distributed public cloud environment like Amazon Web Services or Microsoft Azure. Vendors leveraging this type of cloud infrastructure provider can host their vulnerability management solution in multiple data centers around the globe. This is useful for several reasons.

First, if your organization wants or needs to keep data within a specific geographic boundary, the VM vendor using public cloud to host their application can easily allow you to select where your data is stored. For example, most public cloud providers have strategically located data centers within EMEA to help organizations comply with changing regulations under the EU Data Protection Directive.

Second, for the best and fastest scanning results, it’s advantageous to scan IT assets with scanners that are as physically close as possible to those assets. For example, it’s possible to scan external IPs for my Singapore branch from a system located at headquarters in Chicago, but it’s much faster to scan those Singapore assets from a system in Singapore.

A cloud-based VM solution running in a highly scalable public cloud infrastructure should itself be highly scalable. For instance, assume your organization adds a significant number of assets to the mix. Your cloud-based VM provider can scale to support your requirements. And more importantly, when the vendor add new customers, they can scale their entire infrastructure to support both new and existing users without any negative performance impact.

Simply put, not all cloud environments are equal. If you’re considering cloud-based vulnerability management solutions, understand how vendors are leveraging the cloud so you get maximum benefit from it.

Want more on this topic?

For more on this topic, you can access a webcast with Paul Asadoorian and Jack Daniel from Tenable, and John Kindervag from Forrester Research on what to look for in a cloud vulnerability management solution.