Tenable Integration

Transcript

At PlexTrac, we are excited to announce a new update in our ever-growing suite of integrations. And these updates are with our Tenable integration. We’re excited to announce that we’ve officially joined the Tenable Technology Partner Program. This means that you can maximize the value of your existing investment in Tenable’s complementary technology, allowing you to use Tenable alongside other tools or scanners. And because PlexTrac works with your tools, we can help you to drive end-to-end proactive security with vulnerability scanning, offensive assessments, and pentesting data all in that one space. That’s what PlexTrac can do for you.

So let’s take a look at the Tenable integration. So, like our other integrations, our Tenable integration supports multiple connections. Each connection can be determined to either be across all clients — essentially tenancy-wide — or client-specific. And when you choose to create a connection with Tenable that’s client-specific, this means that your client authorization within PlexTrac will be honored. You can also name each connection to help manage multiple connections through the UI.

Once you’ve determined what sort of connection you want to create, we are supporting both the Tenable vulnerability management the cloud product offering, as well as an option to connect to Tenable security center. From here, the next step is to determine what fields you want to map or continuously sync between Tenable and PlexTrac. As you can see, the fields are quite robust and we’re offering mapping for both findings fields as well as asset fields, so you can bring in all of your asset metadata alongside your findings. And fields such as severity or status have options to map so you can choose whether you want high to be matching high as that data flows into PlexTrac. These fields are quite robust and you can add as many as you’d like. All of the fields that are mapped in this integration are documented. One that we’re particularly excited about is that we are now optionally bringing in additional exploit data from the Tenable platform.

Each of your connections will sync on an hourly basis, and we provide a sync history so you have full visibility of the data that’s moving between the two platforms. Once your connection is made, when you’re working within a report, you’ll simply go to add findings and select from integrations. In this list any of the integrations authorized to the user will be available.

From here we offer some great filtering and sorting tools, and one of the most common use cases is going to be to go ahead and identify a scan that’s just completed on the Tenable side. And the fastest way to do that is to leverage your asset tags that you have on the Tenable side alongside the scan date. This will give you a very quick way to replicate a scan completed in Tenable into the PlexTrac platform. We also offer these bulk select features so you can quickly select all of the findings and their associated assets that meet your criteria and bulk add those into your PlexTrac report very quickly there.

Additionally, though, this UI allows you to determine if you want to build a custom report. So let’s say we’re building a custom report for a quarter view on a particular asset. You can search by asset name and then determine that you’re only going to find vulnerabilities with an exploit available that are also critical. For example, we’ll go ahead and select a couple of findings here to bring in. So as our findings are being populated, you’ll see a notification that will let you know. And if you’re bringing in quite a few, you’ll receive a notification here in the bell to let you know that they’ve all populated here.

We’ll take a look at one of these findings. So as you can see, this is a finding that’s come in from Tenable TVM. We always show the source so you can identify where your vulnerabilities came in. And that’s especially important if you’re managing multiple integrations within the PlexTrac platform. All of this data is dependent on your custom mapping that you determine at the connection level. So what you can see here is that we’re bringing in quite a few custom fields. You’ll notice that we’re bringing in always the finding title and the description. These are common fields within PlexTrac. But because we’re offering so many additional data points in this Tenable integration, those additional Tenable fields will be created as custom fields that you can manage. We always bring in your affected assets that are associated with any one vulnerability. Their evidence and their metadata will come into the PlexTrac platform through this integration.

Now that our findings are in our PlexTrac report, we can take advantage of all the great workflow tools. So if we want to set up SLAs, we know how we’re tracking against our service level agreement. In remediating these newfound vulnerabilities that have been very quickly added from the Tenable platform, we can also now take advantage of the contextual scoring features and determine how to elevate the priority of the right and most critical findings so that your organization can respond as quickly as possible.

From here. We can also push these findings into our remediation integrations such as Jira or ServiceNow, to identify and then push to the right teams the right information if they’re working out of Jira or ServiceNow.

This integration is a great update, and we are thrilled to have a partnership ongoing with Tenable. That partnership will mean that we’re able to maintain this integration and receive regular communication from the Tenable team if changes to their platform occur so that we can keep our integration the most up-to-date as possible. The other benefit is that we know that our integration is meeting their standards, and we are very much looking forward to our customers benefiting from one additional integration in our ever-growing suite of options to use PlexTrac with the tools that work best for them.