Case Study: Tohoku University achieves comprehensive cloud asset visibility and preventive vulnerability management with Tenable Networks' Attack Surface Management

Shifting from passive to preventive and comprehensive vulnerability management, including Cloud IT assets

Tohoku University, a large research institution undertaking a broad digital transformation and “cloud‑by‑default” strategy, struggled to maintain accurate inventory and vulnerability coverage across thousands of IT assets—especially those deployed in cloud or hosted by individual research teams. Annual self‑reported ledgers and infrequent Nessus scans left gaps in visibility and slow, generic alerts that made timely, targeted remediation difficult and added administrative burden to teaching staff.

Tohoku deployed Tenable Attack Surface Management in early 2024 to continuously discover and inventory assets across on‑prem and cloud environments. ASM uncovered unmanaged web servers, enriched asset context (domain, IP, software versions), automated inventory workflows, and enabled precise, actionable vulnerability notifications—reducing manual work for local teams, accelerating fixes, and shifting the university from reactive to preventive vulnerability management.

Tohoku University

Katsuya Ohno

Information Security Section, Digital Infrastructure Division, Information Department