Get Vulnerability Scan Reports from Tenable
Table of Contents
Expand all | Collapse all
-
- Integrate IoT Security with AIMS
- Set up AIMS for Integration
- Set up IoT Security and XSOAR for AIMS Integration
- Send Work Orders to AIMS
- Integrate IoT Security with Microsoft SCCM
- Set up Microsoft SCCM for Integration
- Set up IoT Security and XSOAR for SCCM Integration
- Integrate IoT Security with Nuvolo
- Set up Nuvolo for Integration
- Set up IoT Security and XSOAR for Nuvolo Integration
- Send Security Alerts to Nuvolo
- Send Vulnerabilities to Nuvolo
- Integrate IoT Security with ServiceNow
- Set up ServiceNow for Integration
- Set up IoT Security and XSOAR for ServiceNow Integration
- Send Security Alerts to ServiceNow
- Send Vulnerabilities to ServiceNow
-
- Integrate IoT Security with Cortex XDR
- Set up Cortex XDR for Integration
- Set up IoT Security and XSOAR for XDR Integration
- Integrate IoT Security with CrowdStrike
- Set up CrowdStrike for Integration
- Set up IoT Security and XSOAR for CrowdStrike Integration
- Integrate IoT Security with Tanium
- Set up Tanium for Integration
- Set up IoT Security and XSOAR for Tanium Integration
-
- Integrate IoT Security with Aruba AirWave
- Set up Aruba AirWave for Integration
- Set up IoT Security and Cortex XSOAR for Aruba AirWave Integration
- View Device Location Information
- Integrate IoT Security with Aruba Central
- Set up Aruba Central for Integration
- Set up IoT Security and XSOAR for Aruba Central Integration
- Integrate IoT Security with Cisco DNA Center
- Set up Cisco DNA Center to Connect with XSOAR Engines
- Set up IoT Security and XSOAR for DNA Center Integration
- Integrate IoT Security with Cisco Meraki Cloud
- Set up Cisco Meraki Cloud for Integration
- Set up IoT Security and XSOAR for Cisco Meraki Cloud
- Integrate IoT Security with Cisco Prime
- Set up Cisco Prime to Accept Connections from IoT Security
- Set up IoT Security and XSOAR for Cisco Prime Integration
- Integrate IoT Security with Network Switches for SNMP Discovery
- Set up IoT Security and Cortex XSOAR for SNMP Discovery
- Integrate IoT Security with Switches for Network Discovery
- Set up IoT Security and Cortex XSOAR for Network Discovery
-
- Integrate IoT Security with Aruba WLAN Controllers
- Set up Aruba WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Aruba WLAN Controllers
- Integrate IoT Security with Cisco WLAN Controllers
- Set up Cisco WLAN Controllers for Integration
- Set up IoT Security and XSOAR for Cisco WLAN Controllers
-
- Integrate IoT Security with Aruba ClearPass
- Set up Aruba ClearPass for Integration
- Set up IoT Security and XSOAR for ClearPass Integration
- Put a Device in Quarantine Using Aruba ClearPass
- Release a Device from Quarantine Using Aruba ClearPass
- Integrate IoT Security with Cisco ISE
- Set up Cisco ISE to Identify IoT Devices
- Set up Cisco ISE to Identify and Quarantine IoT Devices
- Configure ISE Servers as an HA Pair
- Set up IoT Security and XSOAR for Cisco ISE Integration
- Put a Device in Quarantine Using Cisco ISE
- Release a Device from Quarantine Using Cisco ISE
- Apply Access Control Lists through Cisco ISE
- Integrate IoT Security with Cisco ISE pxGrid
- Set up Integration with Cisco ISE pxGrid
- Put a Device in Quarantine Using Cisco ISE pxGrid
- Release a Device from Quarantine Using Cisco ISE pxGrid
- Integrate IoT Security with Forescout
- Set up Forescout for Integration
- Set up IoT Security and XSOAR for Forescout Integration
- Put a Device in Quarantine Using Forescout
- Release a Device from Quarantine Using Forescout
-
- Integrate IoT Security with Qualys
- Set up QualysGuard Express for Integration
- Set up IoT Security and XSOAR for Qualys Integration
- Perform a Vulnerability Scan Using Qualys
- Get Vulnerability Scan Reports from Qualys
- Integrate IoT Security with Rapid7
- Set up Rapid7 InsightVM for Integration
- Set up IoT Security and XSOAR for Rapid7 Integration
- Perform a Vulnerability Scan Using Rapid7
- Get Vulnerability Scan Reports from Rapid7
- Integrate IoT Security with Tenable
- Set up Tenable for Integration
- Set up IoT Security and XSOAR for Tenable Integration
- Perform a Vulnerability Scan Using Tenable
- Get Vulnerability Scan Reports from Tenable
Get Vulnerability Scan Reports from Tenable
Import Tenable vulnerability scan reports into IoT Security
and view them from the IoT Security portal.
XSOAR can run jobs that download vulnerability
scan reports from Tenable, even those not initiated from the IoT
Security portal, and then export them to IoT Security when they
include devices in the IoT Security inventory.
One job runs
periodically and downloads any new vulnerability scan reports that
Tenable generated within the past hour. The other job must be manually
initiated and downloads all reports from Tenable generated within
the past 30 days in bulk.
Because the bulk job retrieves all
vulnerability reports for the past 30 days, older reports for devices
with dynamically assigned IP addresses might not align with devices
using these IP addresses now. As a result, vulnerability information
might be associated with the wrong devices and risk scores might
be miscalculated. Therefore, use this tool sparingly and with caution,
or rely solely on the periodic job to gather recently generated
reports from Tenable incrementally.
Tenable supports scans
of single devices and multiple devices. If a Tenable vulnerability
scan report for single or multiple devices includes any devices
in your IoT Security inventory, then the IoT Security portal displays
the report on the Device Details page for
the included devices and on the ReportsVulnerability Scan Reports page.
A
vulnerability scan report for multiple devices contains results for
all the scanned devices. However, IoT Security changes the report
name of the file that each scanned device links to so that the name
includes its MAC address. As a result, different report names will
link to the same file if the report includes results for multiple
devices.
If you are using the default integration instance
(and haven’t changed its name) for the jobs that retrieve vulnerability
scan reports from Tenable incrementally or in bulk, simply select
one of the predefined jobs and click Enable or Run
now:
- PANW IoT Incremental Export of reports from Tenable (Enable)
- PANW IoT Bulk Export of reports from Tenable (Run now)
If you are
using a custom-defined integration instance that you created, follow the
steps below.
- Create an XSOAR job to retrieve vulnerability
scan reports from Tenable incrementally.
- Navigate to Settings in the XSOAR UI, open the Tenable integration instance that you previously created, and copy the integration instance name.
- Navigate to Jobs and then click New Job at the top of the page.
- In the New Job panel that appears, enter the following and leave the other settings at their default values:Recurring: Select this to poll Tenable periodically for new reports.Every: Enter a number and set the interval value (Minutes, Hours, Days, or Weeks) and select the days on which to run the job. (To run the job every day, either select all days or leave them unselected.) This determines how often XSOAR checks Tenable for scan reports generated within the past hour and downloads them if available.To ensure IoT Security doesn’t miss any reports, set this for 1 hour (or 60 minutes).Name: Enter a name for the job.Playbook: Choose Incremental Tenable Get Scans and Report Handling V2- PANW IoT 3rd Party Integration.Integration Instance Name: Paste the Tenable integration instance name you copied.
- Click Create new job.
- To start running the job at recurring intervals, select the job and click Enable at the top of the Jobs table.
- Create an XSOAR job to retrieve vulnerability scan reports
from Tenable in bulk.
- On the Settings page in the XSOAR UI, open the Tenable integration instance that you previously created and copy the integration instance name.
- Navigate to Jobs and then click New Job at the top of the page.
- In the New Job panel, enter the following and leave the other settings at their default values:Name: Enter a name for the job.Playbook: Choose Bulk Tenable Get Scans and Report Handling V2- PANW IoT 3rd Party Integration.Integration Instance Name: Paste the Tenable integration instance name you copied.
- Click Create new job.
- To initiate the job, select it and then click Run now at the top of the Jobs table.
- View imported vulnerability scan reports in the IoT Security portal.Open the Device Details page for a device whose report you want to see and then click the link to the PDF in the Security summary section near the top of the page.orClick ReportsVulnerability Scan Reports and click the report name for a scanned device.