Case Studies

U.S. Department of Defense

The Defense Information Systems Agency’s (DISA) selection of Tenable Network Security as the foundation of its Assured Compliance Assessment Solution (ACAS) cements Tenable’s standing as the undisputed leader in vulnerability management in the U.S. Federal government.

View Full Case Study

Overview

The Defense Information Systems Agency’s (DISA) selection of Tenable Network Security as the foundation of its Assured Compliance Assessment Solution (ACAS) cements Tenable’s standing as the undisputed leader in vulnerability management in the U.S. Federal government.

The award followed a multiple month trial of Tenable products, in conjunction with partner HP Enterprise Services, demonstrating the ability to exceed U.S. Department of Defense (DoD) requirements. Tenable’s technology is meeting the vulnerability, configuration, and real-time risk management requirements of one of the largest, most demanding government organizations in the world.

In Pursuit of Comprehensive, Enterprise-Class Vulnerability Management

DISA, confronted with a limited capability to quickly and accurately assess the network security of Department of Defense (DoD) enterprise networks, established ACAS to replace the Secure Configuration Compliance Validation Initiative (SCCVI) suite of software previously acquired by DoD. ACAS will fulfill a combination of operational and strategic objectives, including:

  • Provide an innovative technical solution with a flexible cost structure.
  • Employ a commercial solution that can be easily ordered and quickly deployed across the DoD infrastructure.
  • Support enterprise-wide deployment across the Department of Defense (DoD), with the ability to tier system evaluation and management throughout the organization.

Ultimately, DISA sought:

  • Fast and accurate enterprise-wide network security assessment; satisfying the goal of increasing the accuracy of risk assessment and standards compliance verification.
  • A highly scalable solution easy to deploy at all levels; from the Central Command to the warfighter on the front lines.
  • Real-time risk assessment across DoD networks to provide essential situational awareness, and enable true, risk-based management decisions consistent with existing and emerging federal guidelines for Continuous Monitoring.