ACAS Overview

Harness the power of ACAS with the most comprehensive view of deployed assets and potential weaknesses.


In 2012, the Defense Information Systems Agency (DISA) awarded the Assured Compliance Assessment Solution (ACAS) to HP Enterprise Services and Tenable Network Security, the leader in continuous network monitoring, advanced analytics, and context-aware security. ACAS continues to be the solution for assessing U.S. Department of Defense (DoD) enterprise networks and connected IT systems against DoD standards, as well as to identify any known system vulnerabilities.

Learn more about ACAS

View the solution brief for more information

Solution Components

ACAS is the foundation for implementing an IT security strategy that aligns to the real-world demands of global cybersecurity. The ACAS solution includes the following IT security platform necessities:

  • SecurityCenter


    Anticipate, Prioritize, and Neutralize Threats

    The SecurityCenter™ platform provides the most comprehensive and integrated view of security posture to reduce risk and ensure DISA compliance. It’s the next generation vulnerability analytics component for ACAS, and it includes:

    • Assurance Report Cards – Continuously measure effectiveness of mission-defined security policies based on high-level strategic objectives
    • Advanced Analytics/Trending – Contextual insight and actionable information to prioritize security issues associated with security posture of all deployed assets
    • Highly Customizable Dashboards/Reports – New HTML5-based user interface to satisfy specific needs of all roles
    • Cumulative Scan Results – Consolidate data from multiple on-premises Nessus® scanners and provide remediation trending information

    SecurityCenter enables you to see everything, all the time, so you can focus on the critical data and actions that matter most, because informed decision-making is best.

    Learn more

  • Nessus


    Extend Your IT Security Power, Anywhere

    The ACAS solution enables you to deploy multiple Nessus scanners across the enterprise, creating the foundation for DISA-mandated vulnerability scanning, assessment, and management capabilities. They detect and discover data and weaknesses and then report back to SecurityCenter’s advanced vulnerability analytics engine. SecurityCenter schedules and initiates Nessus scans, retrieves results, and customizes the data via reports so you can accurately assess risk and prioritize remediation workflows.

    Nessus scanners used via SecurityCenter enable you and your teams to achieve:

    • Effective resource allocation to improve efficiency
    • Expanded scan coverage across the entire IT environment
    • Improved risk analysis by integrating context from existing infrastructures and partner frameworks
    • Deep integration with core technologies so you can see and leverage additional security investments and technologies

    Learn more

  • PVS

    Passive Vulnerability Scanner

    Modern View for the Modern Cyber Defender

    Tenable’s Passive Vulnerability Scanner (PVS) delivers real-time network monitoring and profiling for continuous scanning and assessment of an organization’s security in a non-intrusive manner. PVS monitors network traffic at the packet level to provide visibility into both server and client-side vulnerabilities with full asset discovery.

    Additionally, PVS easily installs in networks and passively detects devices on your network, including virtual- and cloud-based devices, BYOD/mobile devices and even discovers jailbroken iOS devices. PVS scales to meet future demand of monitoring virtualized systems, cloud services, and the proliferation of devices.

    This is how you effectively create and manage a more modern view of the IT infrastructure you’re tasked with defending.

    Learn more

  • Components Matrix

    Tenable Solutions

    Solution ACAS Provided
    Nessus Professional No
    Nessus Manager No No
    Nessus Agents No, but recommended
    Nessus (Scanners controlled by SecurityCenter) Yes
    1GB Passive Vulnerability Scanner (PVS) Yes
    10GB Passive Vulnerability Scanner (PVS) No, but recommended
    Log Correlation Engine (LCE) No, but recommended
    SecurityCenter Yes
    SecurityCenter Continuous View No, but recommended

Defense Information Systems Agency

The Defense Information Systems Agency (DISA) sought a flexible, accurate and scalable vulnerability management solution that was easy to deploy at all levels. It had to deliver real-time visibility and risk assessment across all DoD networks, enabling decisive, risk-based management decisions consistent with federal guidelines.

Read the Case Study

Defense POW/MIA Accounting Agency (DPAA)

The foundation of DPAA's ACAS solution is comprised of the Tenable SecurityCenter® platform integrated with Nessus® Network Monitor and Nessus®, the most widely deployed vulnerability and compliance scanner in the world. In addition to ACAS, DPAA also deployed Nessus on its classified networks.

Read the Case Study

Ask a question, get information, start a discussion

Join the Community