In addition to continuously and passively monitoring network traffic to discover devices and assess risk, Device Security supports the integration of third-party vulnerability scanners such as Tenable Vulnerability Management, formerly known as Tenable.io. You might want to perform an on-demand vulnerability scan to get deeper insights on device vulnerabilities or if Device Security detects anomalous behavior warranting investigation of a particular device. Device Security incorporates the scan results such as CVEs into its ongoing risk score assessments. It can also send detected vulnerabilities to a CMMS as work orders for tracking and resolving.

When you initiate a vulnerability scan from the Device Security portal, it sends a command through Cortex XSOAR to Tenable Vulnerability Management in the cloud. Tenable then relays the scan command to a Nessus scanner, and after the scan is complete, Tenable returns the results in a PDF report through XSOAR to Device Security. The flow is illustrated step-by-step below.

Integrating with Tenable Vulnerability Management requires either a full-featured Cortex XSOAR™ server or the activation of a Device Security free cohosted Cortex XSOAR instance.