Breadcrumbs

Tenable

Tenable_Inc.png

  • Security

  • Inventory

  • Scoring

  • Vulnerabilities

Details

The integration between GlobalSuite® GRC and Tenable allows automating the scanning and automatic detection of new corporate assets as well as vulnerability scoring in your technological risk environment, facilitating their analysis, evaluation, and treatment from a single platform.

This connector acts as a bridge between the Tenable vulnerability detection engine ( http://Tenable.io ) and the Inventory module of GlobalSuite®.

With this integration, the data of the assets detected by Tenable and the assessment of identified vulnerabilities are synchronized periodically and securely, being automatically loaded and updated in your GRC management system.

Features

  • Automatic synchronization of assets from Tenable to GlobalSuite.

  • Intelligent criticality assessment of assets registered in GlobalSuite.

  • Automated risk assessment based on detected vulnerabilities.

  • Asset prioritization based on criticality (CVSS), its context, Confidentiality, Integrity, and Availability.

Key benefits

  • Time savings in the identification, loading, and evaluation of assets.

  • Updated and complete information, avoiding inconsistencies and duplications in the AARR.

  • Complete visibility of technical risk in the business context.

  • Integration with your processes of risk identification, assessment, and evaluation in GlobalSuite.

  • Continuous improvement of your security posture based on real and updated information.

  • Support for regulations and frameworks such as ENS, ISO 27001, NIST, or PCI DSS.

Installation

⚠️ Requires API permissions in your Tenable account.


  1. Access the Marketplace of GlobalSuite® and install the "Tenable Source" connector.

  2. Go to Configuration and complete the necessary data.

  3. Define the synchronization frequency (daily, weekly, monthly).

  4. Save and activate the integration.

NOTE: Activating the integration will immediately launch it to continue with the indicated frequency.

To configure the field mapping and where they will be stored in GlobalSuite, use the GlobalSuite Sink connector.

There is the possibility to test the synchronization with a test environment before moving to production. Ask your GSS contact person for more information.

Synchronized parameters

id

has_agent

last_seen

last_scan_target

sources

name

first_seen

last_seen

acr_score

acr_drivers

driver_name

driver_value

exposure_score

scan_frequency

interval

frequency

licensed

ipv4

ipv6

fqdn

netbios_name

operating_system

agent_name

aws_ec2_name

mac_address

VPR

CVSS vector

CVSS3 vector

More information:

https://developer.tenable.com/reference/assets-list-assets