- 10 Aug 2022
- 1 Minute to read
-
Print
-
DarkLight
Tenable.sc Integration Configuration Guide
- Updated on 10 Aug 2022
- 1 Minute to read
-
Print
-
DarkLight
The Tenable.sc™ integration with ThreatConnect® helps organizations determine where threats and vulnerabilities cross paths and understand where they are most at risk. It does this by comparing Common Vulnerabilities and Exposures (CVE) data from sources in ThreatConnect with Nessus® scan results in Tenable.sc. Any matching unpatched vulnerabilities found within Tenable.sc are tagged accordingly in ThreatConnect, with the option to store scan result details as an Attribute. In addition, Workflow Cases and Tasks can be created to notify users about the matching vulnerabilities and the need for further action.
The integration works by querying Tenable® for scan results over a given period of time (typically 30 days upon first run, and then from the previous run until the current run for subsequent runs) and downloading those data. The data are parsed for CVE tags, which are matched against CVE data within ThreatConnect Indicators and Groups of the type(s) selected in the configuration. Any found Indicators or Groups are then updated with the data for that CVE from Tenable, and, if desired, a Tag is applied to indicate that matching Tenable CVE data were found for that object.
ThreatConnect® is a registered trademark of ThreatConnect, Inc.
Nessus® and Tenable® are registered trademarks of Tenable, Inc.
Tenable.sc™ is a trademark of Tenable, Inc.