Cyber Tool Stack
All tools

Tenable Cloud Security

By Tenable

Tenable's CNAPP, built on the identity-centric Ermetic platform acquired in October 2023, with cloud entitlement analysis (CIEM) as a particular strength alongside agentless posture and workload scanning. Increasingly folded into the Tenable One exposure management platform, where cloud findings sit beside the company's vulnerability data.

Verified Source: 1

Product type
Software
Deployment
SaaS
Organization size
Mid-marketEnterprise
Pricing tier
$$

Capability checklist

CNAPP/CSPM

How Tenable Cloud Security measures up against the full Cloud-Native Application Protection / Posture Management taxonomy.

Misconfiguration detection (CSPM) — supported
Flags cloud configuration drift against benchmarks like CIS and provider best practices.
Agentless workload scanning — supported
Scans workloads via cloud provider APIs or snapshots without deploying agents.
Cloud entitlement management (CIEM) — supported
Identifies excessive or unused permissions across cloud identities.
Attack path analysis — supported
Correlates findings across identity, network, and data exposure to surface exploitable attack paths.
Infrastructure-as-code scanning — supported
Catches misconfigurations in Terraform and CloudFormation before they're deployed.
Vulnerability prioritization — supported
Finds and ranks OS and package CVEs across cloud workloads by real-world exploitability.
Compliance benchmark mapping — supported
Continuously maps posture to frameworks like CIS, SOC 2, and PCI.

Alternatives

Other Cloud-Native Application Protection / Posture Management tools with overlapping capabilities, sized for similar teams.

Search Cyber Tool Stack

Jump to any tool, vendor, category, or glossary term.