It’s a new beginning! Ermetic is now Tenable Cloud Security.

A Letter from the CEO

Introducing our Cloud-Native Application Protection Platform

Shai Morag By Shai Morag
A Letter from the CEO

This week, we’re thrilled to introduce our Kubernetes Security Posture Management (KSPM) solution, following on the heels of our other recent rollouts: Cloud Workload Protection (CWPP), Infrastructure as Code (IaC) scanning and Just-in-Time (JIT) cloud access. Learn more about what CWPP is.

Adding this piece to the puzzle signals an exciting milestone for us - we are now leading innovation in the Cloud-Native Application Protection Platform (CNAPP) space.

So why CNAPP and why now?

In 2019, Ermetic emerged as a pioneer in Cloud Infrastructure Entitlements Management (CIEM). We were one of the first to recognize identities as the greatest risk in the cloud, and built our company to secure the new perimeter. We followed with our innovative Cloud Security Posture Management (CSPM) solution, and were proud to offer this powerhouse combination from one platform. Explore what CSPM is.

But as the market has grown and developed, so have the needs.

We listened to our customers and heard their need for insights and clarity across the cloud stack. With the widening gap caused by the shortage in cloud expertise, it became clear that our customers would benefit greatly from the insights we provide by combining as much data as possible in one pane of glass.

For us, the evolution from CIEM to CNAPP has been natural. Read more about what CNAPP is.

Addressing the Biggest Risk: Identities

More than 75% of cloud breaches result from cloud identity misconfigurations. That’s no surprise to anyone who has tried to secure identities - for humans and services - in environments like AWS, Azure and GCP. There is a complex interplay of policies and configurations that enable access, and attackers leverage loopholes to penetrate, and move throughout our environments. To solve this challenge, our team has dedicated more than three years of development time to building out and perfecting our unique identity-first approach.

We have built a reputation as a leader in the CIEM market - trusted by Fortune 10 enterprises and cloud-first hyperscales, because we don’t just check the box on a compliance checklist - we tackle and resolve the most complex issues in cloud security. .

It’s Intuitive!

Sure, any company can claim their solution is “intuitive and user friendly.” But we’ve got receipts.

I can say with certainty that Ermetic [now Tenable Cloud Security] is the most user friendly and intuitive CNAPP solution on the market. Cloud configurations are extremely complex, and since we first stepped onto the scene with CIEM, our customers have relied on our powerful and intuitive presentation and visualizations to untangle the configuration of identities, networks, workloads and other cloud resources to cut through the noise.

With the expansion of our identity-first approach to include a full suite of advanced cloud-native application protection tools, we are able to simplify even the most complex cloud security challenges, turning security experts into cloud experts and cloud experts into security experts.

Context is the Key to Prioritization and Remediation

We’ve always prided ourselves on delivering unmatched visibility. Everything we’ve built comes from the understanding that each resource and configuration in your environment must be investigated in context. Without context, it’s impossible to understand the significance of any other risk.

Our unique and comprehensive approach enables nuanced, contextual analysis across workloads, network, identity, data, and Kubernetes for the most accurate prioritization and automated remediation on the market. In fact, as the only solution not built on fixed-risk policies, false positive rates on our findings are close to zero.

One of my favorite recent use cases is our customer who had more than 300 publicly exposed buckets. With any other CNAPP solution, our customer would have been burdened with 300 findings, all given the same (probably “high”) level of risk and no way to know how to remediate the problem.

By leveraging our CIEM capabilities, we were able to automatically determine that only five of the buckets were actually at risk of exposing data. So what happened? We were able to automatically deprioritize the other 295 findings. By integrating insights across the stack, we were able to better assign risk and prioritize the findings, leading to a 98% reduction in triage and remediation effort by this customer.

With tens of thousands of findings coming in, we understand that prioritization can keep critical findings at or around 1%, and this is what makes all the difference for our customers.

It’s all in the Details

One of the things I’m most proud of is our low false-positive rate. Our findings are extremely accurate, enabling rapid remediation with automated tools or by following our step-by-step instructions so as not to break production. This significantly increases trust between the developers responsible for remediation and the security teams that drive the effort. Better collaboration leads to better security and compliance.

The Tenable Cloud Security Promise

Our entrance to the CNAPP market is a testament to our commitment to our customers. Our goal, every day, is to lead the way to secure cloud infrastructure, and our promise is to continue innovating solutions that disrupt the market.

---

Shai Morag
Former Co-Founder and CEO at Ermetic, now SVP and General Manager Cloud Security at Tenable

Skip to content