Tenable Cloud Security
By Tenable
Tenable's CNAPP, built on the identity-centric Ermetic platform acquired in October 2023, with cloud entitlement analysis (CIEM) as a particular strength alongside agentless posture and workload scanning. Increasingly folded into the Tenable One exposure management platform, where cloud findings sit beside the company's vulnerability data.
Verified Source: 1
- Product type
- Software
- Deployment
- SaaS
- Organization size
- Mid-marketEnterprise
- Pricing tier
- $$
How Tenable Cloud Security measures up against the full Cloud-Native Application Protection / Posture Management taxonomy.
- Misconfiguration detection (CSPM) — supported
- Flags cloud configuration drift against benchmarks like CIS and provider best practices.
- Agentless workload scanning — supported
- Scans workloads via cloud provider APIs or snapshots without deploying agents.
- Cloud entitlement management (CIEM) — supported
- Identifies excessive or unused permissions across cloud identities.
- Attack path analysis — supported
- Correlates findings across identity, network, and data exposure to surface exploitable attack paths.
- Infrastructure-as-code scanning — supported
- Catches misconfigurations in Terraform and CloudFormation before they're deployed.
- Vulnerability prioritization — supported
- Finds and ranks OS and package CVEs across cloud workloads by real-world exploitability.
- Compliance benchmark mapping — supported
- Continuously maps posture to frameworks like CIS, SOC 2, and PCI.
Alternatives
Other Cloud-Native Application Protection / Posture Management tools with overlapping capabilities, sized for similar teams.