Tenable.io

Version: Tenable.io (Cloud and Security centre)

Tenable provides comprehensive visibility into the security posture of container images as they are developed, enabling vulnerability assessment, malware detection, policy enforcement and remediation prior to container deployment.

Netsurion Open XDR monitors user activities, all kinds of detected vulnerabilities, and SCAP and OVAL auditing activities.

Netsurion Data Source Integration for Tenable.io allows you to monitor the following components:

  • Security – Configuration changes and vulnerability detections.
  • Compliance – Network auditing and compliance results.
  • Operation – Identifying active hosts and open network ports.

Once Tenable.io is configured to deliver events to Netsurion Open XDR, alerts, dashboards and reports can be configured in Netsurion Open XDR.

The following are the key Data Source Integrations available in Netsurion Open XDR.

Reports

| Type | Name | Description |
|---|---|---|
| Security | Tenable – Credentialed patch audit | This report provides details about the patches missing from Windows and Unix systems, which an attacker can use for exploits. |
| Security | Tenable – Malware detection | This report provides details about the malware present on Linux and Windows machines. |
| Security | Tenable – Badlock detection | This report provides details about all the Badlock attacks occurring in the network. Badlock detections can be identified by their CVEs. The Badlock CVEs are as follows: CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118, CVE-2016-0128. |
| Security | Tenable – Drown detection | This report provides details about the DROWN attacks that take place in a network. This vulnerability affects the HTTPS services that rely on SSL and TLS. These vulnerabilities can be identified by their respective CVEs. The DROWN CVEs are as follows: CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800. |
| Security | Tenable – Bash shellshock detection | This report provides details about the vulnerabilities that affect Bash. These vulnerabilities can be identified by their respective CVEs. The Shellshock CVEs are as follows: CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118, CVE-2016-0128. |
| Operations | Tenable – Host discovery | This report provides the number of alive hosts and active ports on a network. |
| Compliance | Tenable – User activities | This report provides all the activities performed by the user. |
| Compliance | Tenable – Scap and Oval auditing | This report provides details on how to generate SCAP and OVAL content audit scan results. |

Documentation

The configuration details are consistent with Netsurion Open XDR 8.x and later, Tenable.io (Cloud and Security centre).

Download the Integration Guide for configuration instructions and more information.