Tenable Integration
Exposure Management Platform
Exposure management unifies visibility, insight, and action across your entire attack surface. You get technical and business context to prioritize which vulnerabilities pose the greatest risk and understand how threats combine to increase risk.
With automated remediation and orchestration, your team can quickly fix exposures and close priority security gaps before they become a breach.
Overview
Tenable® is the Cyber Exposure company. Approximately 40,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60% of the Fortune 500, approximately 40% of the Global 2000, and large government agencies.
Product Integrations
Panoptica
Panoptica provides the ability to ingest Tenable’s CVEs as part of Vulnerabilities Management, enabling better context-based prioritization and risk management using another Vulnerability Management Database. Once Tenable CVEs are connected, it accounts for available fixes or patches, known exploits, actionable CTI, and scoring heuristics such as CVSS.
Enhanced Historical Analysis
Cisco ISE integrates with Tenable.sc to provide identity-based access for devices and users on the network. Leveraging Tenable’s vulnerability findings, ISE can allow or restrict access based on predefined policies. Administrators can initiate scans and isolate non-compliant hosts to protect against emerging threats.
Unified Security Monitoring
Vulnerability data from Tenable Security Center can be imported into the FMC’s Host Map. This allows customers to combine Tenable’s findings with Secure Firewall’s passive discovery, improving impact scoring and supporting automated rule tuning.
Cisco Meraki Dashboard API Integration
Cisco Meraki Dashboard is a centralized cloud-based platform used to manage and monitor Cisco Meraki devices. It provides a web-based interface for configuring, troubleshooting, and securing global networking and IoT deployments. Tenable’s integration with the Cisco Meraki Dashboard API allows users to leverage our vulnerability management solutions against devices that are managed in their Meraki environment including security appliances, switches, routers, and other supported devices
Cisco Meraki Organizations, Networks, and Devices
Tenable designed the integration with the Cisco Meraki Dashboard API based on a deep understanding of how data is structured within Organizations and Networks — with the goal of identifying devices and obtaining their details. It is crucial for users to comprehend this relationship, as doing so enhances both confidence and success when utilizing the integration.
You can be granted access to one or more Cisco Meraki Organizations and Cisco Meraki Networks (within an organization). Therefore, when requesting devices, an Organization Name is required in the scan credential Cisco Meraki Organization Name field, provided that you have permission to access the organization. The Cisco Meraki Network Name field is optional in the credential configuration because devices can be collected at the primary Organizational Level. However, providing a Network Name value gives you more control over which devices the integration collects.
Cisco Meraki Credential Fields, Usage, and Limitations
For improved understanding of the Cisco Meraki credential and configurations, review the following summary of required and optional fields, their usage, and limitations.
Note: Tenable only collects host data from the /organization/{organizationId}/device API resource,
specifically using the lanIp, wan1Ip, and wan2Ip IP addresses.
Because Tenable cannot reliably collect VLAN IP addresses for appliances, you cannot manually enter the VLAN IP address of an appliance host in the target settings.
Tenable cannot associate that IP address with any collected hosts.
While you can enable Discovery Devices (auto-discovery), you cannot use a single Appliance VLAN IP because Tenable cannot associate VLAN IP addresses with collected hosts.