Tenable
runZero integrates with Tenable Vulnerability Management (previously Tenable.io), Tenable Nessus, and Tenable Security Center to enrich your asset inventory and gain visibility into vulnerabilities detected in your environment. The Tenable Vulnerability Management, Nessus Professional, and Tenable Security Center integrations pull data from the Tenable API, while all versions of Tenable Nessus and Tenable Security Center (previously Tenable.sc) are also supported through Nessus v2 file imports (.nessus
).
Note that at this time, only the main Tenable Vulnerability Management cloud API endpoint at https://cloud.tenable.com
is supported as an API integration.
Asset inventory
There is a column on the asset inventory page showing the count of vulnerabilities detected by Tenable for each asset. When a single asset is selected, the vulnerabilities table lists all the results related to that asset. The vulnerability count can be impacted by the type of vulnerability scan as well as the import settings selected.
Vulnerabilities table
The Vulnerabilities tab of the inventory lists all vulnerability results that have been imported from Tenable. The table lists every result, and selecting a result will take you to the page for the impacted asset.
Severity and risk scores
Tenable uses the third-party Common Vulnerability Scoring System (CVSS) values from the National Vulnerability Database (NVD) to describe severity associated with vulnerabilities. Tenable assigns all vulnerabilities a severity rating (Info, Low, Medium, High, or Critical) based on the vulnerability’s static CVSSv2 or CVSSv3 score. By default, Tenable uses CVSSv2, however users can opt to use CVSSv3 instead. runZero displays the CVSSv2-based severity in the Inventory and Asset views.
To supplement the severity ratings, Tenable calculates a dynamic Vulnerability Priority Rating (VPR) for most vulnerabilities. The VPR is a dynamic companion to the data provided by the vulnerability’s CVSS score, since Tenable updates the VPR to reflect the current threat landscape. VPR values range from 0.1-10.0, with a higher value representing a higher likelihood of exploit. runZero displays the VPR-based risk in the Inventory and Asset views. For more details about how Tenable handles severity and risk, please refer to their documentation.