Integrating Vulnerability Data with an Identity Services Framework
With Tenable’s Nessus, security and compliance teams can audit and inventory devices and software to identify what is malicious, abnormal or out-of-compliance. However, do you ever need to pinpoint the offending system or software to its user?
At Tenable, we’ve heard from customers who are looking for a unified framework that enables multi-vendor, cross-platform network system collaboration among IT infrastructure, network policy, identity and access management, and other IT operations.
For example, once a vulnerable system is identified, possible next steps are to:
- Track the offending users and inform them to fix/update the device.
- Initiate action to modify user behavior to avoid future security issues.
- Update corporate security policies to prevent future occurrences.
This is made possible by implementing an identity services framework that a) Adds user context to Nessus to get more granularity to scan data, b) Provides a consolidated view of vulnerability event, identity, and device data for prioritization of vulnerability, and c) Identifies which vulnerabilities require immediate action and provide this context to deployed devices.
Such an identity services framework can offer the following benefits:
- Reduce time to isolate issues across multiple technologies
- Obtain accurate results by obtaining additional context from other devices
- Expedite response and remediation to security and compliance issues
We believe this is just one example of what is needed in the industry and are planning on integrating with a leading platform in the network policy space, Cisco Identity Services Engine (ISE), to serve these use cases.
What about you? Forward your thoughts to me at [email protected] on the following:
- Do you have any need to pinpoint the device or software vulnerability back to its user or owner?
- Does integrating with a product like Cisco ISE make sense for your systems?
- What other identity services products do you use? What would you like Nessus to integrate with?
We’d love to hear from you on your thoughts, challenges and recommendations…
Related Articles
Cybersecurity Snapshot: 6 Best Practices for Implementing AI Securely and Ethically
May 31, 2024Like many organizations, yours is likely using AI – or at least thinking about deploying it soon. But how can you ensure you use it securely, responsibly, ethically and in compliance with regulations? Check out best practices, guidelines and tips in this special edition of the Tenable Cybersecurity Snapshot!
Taking IBM QRadar SIEM One Step Further Using Tenable.ad
September 30, 2021If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no sec...
CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs
August 13, 2024Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
Compromising Microsoft's AI Healthcare Chatbot Service
August 13, 2024Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
- Integrations
- Nessus