Device Security
Tenable SC Attribute Reference
Table of Contents
Expand All
|
Collapse All
Device Security Docs
Tenable SC Attribute Reference
This reference lists the attributes that Device Security collects from Tenable SC,
their names as stored in Device Security, and the Device Security fields they map to.
When Device Security integrates with Tenable SC, it enhances vulnerability
management for your devices. The attributes in this reference cover scanned IP summaries,
device details from vulnerability scan results, and individual vulnerability findings such
as CVE identifiers, severity scores, and OS information.
The third-party attribute name in Device Security refers to the attribute name
as it appears in the Assets Inventory table and in Query Engine. This follows the format
of third-party-name.attribute-name.
When viewing the attribute name in the Assets Inventory table column selector or on a
Device Details page, where the third-party name can be found as a header for the
attributes section, then the third-party name is removed from the attribute name.
For example, micrsoft_defender_xdr.macAddress would appear in the
Query Builder and in the Assets Inventory table, but under Device DetailsAttributesIntegration Specific AttributesMicrosoft Defender, the attribute would appear as macAddress.
IP Summary Attributes
Device Security collects device attributes from the Tenable Security Center IP summary analysis API. Each record provides a high-level summary of a scanned IP address.
|
Tenable SC Attribute
|
Device Security Attribute Name
|
Device Security Common Attribute*
|
Description
|
|---|---|---|---|
|
macAddress
|
tenable_sc.macAddress
|
MAC; id
|
MAC address
|
|
osCPE
|
tenable_sc.osCPE
|
raw_os
|
Operating system CPE
|
|
dnsName
|
tenable_sc.dnsName
|
Hostname
|
DNS name
|
|
repository.name
|
tenable_sc.repository_name
|
—
|
Repository name
|
|
repository.id
|
tenable_sc.repository_id
|
—
|
Repository ID
|
|
assetExposureScore
|
tenable_sc.assetExposureScore
|
—
|
Asset exposure score
|
|
lastUnauthRun
|
tenable_sc.lastUnauthRun
|
—
|
Last unauthenticated scan run date
|
|
lastAuthRun
|
tenable_sc.lastAuthRun
|
—
|
Last authenticated scan run date
|
|
netbiosName
|
tenable_sc.netbiosName
|
—
|
NetBIOS name
|
|
pluginSet
|
tenable_sc.pluginSet
|
—
|
Plugin set
|
|
policyName
|
tenable_sc.policyName
|
—
|
Policy name
|
|
uuid
|
tenable_sc.uuid
|
—
|
Unique identifier
|
|
ip
|
tenable_sc.ip
|
ipv4_address
|
IP address
|
Vulnerability Scan Device Attributes
Device Security collects device attributes from the Tenable Security Center vulnerability details analysis API. Each record describes a device as seen in the context of vulnerability scan results.
|
Tenable SC Attribute
|
Device Security Attribute Name
|
Device Security Common Attribute*
|
Description
|
|---|---|---|---|
|
lastSeen
|
tenable_sc.lastSeen
|
Last Third-Party Activity
|
Last seen date
|
|
macAddress
|
tenable_sc.macAddress
|
MAC; id
|
MAC address
|
|
repository.name
|
tenable_sc.repository_name
|
—
|
Repository name
|
|
repository.id
|
tenable_sc.repository_id
|
—
|
Repository ID
|
|
assetExposureScore
|
tenable_sc.assetExposureScore
|
—
|
Asset exposure score
|
|
dnsName
|
tenable_sc.dnsName
|
Hostname
|
DNS name
|
|
operatingSystem
|
tenable_sc.operatingSystem
|
raw_os
|
Operating system
|
|
netbiosName
|
tenable_sc.netbiosName
|
—
|
NetBIOS name
|
|
ip
|
tenable_sc.ip
|
ipv4_address
|
IP address
|
Vulnerability Attributes
Device Security collects vulnerability attributes from the Tenable Security Center vulnerability details analysis API. Each record describes an individual vulnerability finding on a scanned device.
|
Tenable SC Attribute
|
Device Security Attribute Name
|
Device Security Common Attribute*
|
Description
|
|---|---|---|---|
|
severity.name
|
tenable_sc.severity_name
|
risk_level
|
Severity name
|
|
pluginName
|
tenable_sc.pluginName
|
title
|
Plugin name
|
|
description
|
tenable_sc.description
|
Description
|
Description
|
|
pluginID
|
tenable_sc.pluginID
|
vulnerability_id
|
Plugin ID
|
|
firstSeen
|
tenable_sc.firstSeen
|
detected_time; first_seen
|
First seen date
|
|
repository.name
|
tenable_sc.repository_name
|
—
|
Repository name
|
|
repository.id
|
tenable_sc.repository_id
|
—
|
Repository ID
|
|
assetExposureScore
|
tenable_sc.assetExposureScore
|
—
|
Asset exposure score
|
|
seolDate
|
tenable_sc.seolDate
|
—
|
Security end-of-life date
|
|
cve
|
tenable_sc.cve
|
cve
|
CVE identifier
|
|
pluginPubDate
|
tenable_sc.pluginPubDate
|
—
|
Plugin publication date
|
|
patchPubDate
|
tenable_sc.patchPubDate
|
—
|
Patch publication date
|
|
vulnPubDate
|
tenable_sc.vulnPubDate
|
—
|
Vulnerability publication date
|
|
solution
|
tenable_sc.solution
|
solution
|
Solution description
|
|
lastSeen
|
tenable_sc.lastSeen
|
last_seen
|
Last seen date
|
|
protocol
|
tenable_sc.protocol
|
—
|
Protocol
|
|
port
|
tenable_sc.port
|
—
|
Port
|
|
hasBeenMitigated
|
tenable_sc.hasBeenMitigated
|
—
|
Has been mitigated
|
|
cvssV3BaseScore
|
tenable_sc.cvssV3BaseScore
|
cvss_v3base_score
|
CVSS v3 base score
|
|
baseScore
|
tenable_sc.baseScore
|
cvss_base_score
|
Base score
|
|
operatingSystem
|
tenable_sc.operatingSystem
|
raw_os
|
Operating system
|
|
ip
|
tenable_sc.ip
|
ipv4_address
|
IP address
|
|
macAddress
|
tenable_sc.macAddress
|
id
|
MAC address
|
* Only some attributes map to a Device Security Common Attribute.