How to Transition from Nessus to SecurityCenter Reports

Similar documents
PVS Subscription Registration Process

Nessus Manager Registration Process

How to Add, Deactivate, or Edit a Contact

How-to Guide: Tenable.io for Lieberman. Last Revised: August 14, 2018

How-to Guide: Tenable Nessus for BeyondTrust. Last Revised: November 13, 2018

Tenable.io for Thycotic

Tenable for McAfee epolicy Orchestrator

How to Register for Training

How-to Guide: Tenable for McAfee epolicy Orchestrator. Last Updated: April 03, 2018

Tenable for McAfee epolicy Orchestrator

Tenable for Palo Alto Networks

Tenable for Google Cloud Platform

How-to Guide: Tenable.io for Microsoft Azure. Last Updated: November 16, 2018

How-to Guide: Tenable Nessus for Microsoft Azure. Last Updated: April 03, 2018

How-to Guide: Tenable Core Web Application Scanner for Microsoft Azure. Last Updated: May 16, 2018

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

Services. This document. describes how comments and. it is in. Tenable.io and. Tenable.io

Tenable Nessus Customer Loyalty Program to Purchase PVS Subscription

Tenable for ServiceNow. Last Updated: March 19, 2018

Transforming Security from Defense in Depth to Comprehensive Security Assurance

Machine-Based Penetration Testing

Vulnerability Management

Machine-Based Penetration Testing

2017 Trends in Security Metrics and Security Assurance Measurement Report A Survey of IT Security Professionals

See What You ve Been Missing

Tenable.io User Guide. Last Revised: November 03, 2017

July 18, (Revision 3)

CyBot Suite. Machine-based Penetration Testing

Speed Up Incident Response with Actionable Forensic Analytics

Reinvent Your 2013 Security Management Strategy

SecurityCenter 508 Compliance

Tenable SCAP Standards Declarations. June 4, 2015 (Revision 11)

Protecting Critical Infrastructure. SCADA Network Security Monitoring

Nessus v6 SCAP Assessments. November 18, 2014 (Revision 1)

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Tenable.io Evaluation Workflow. Last Revised: August 22, 2018

SecurityCenter 4.8.x Upgrade Guide. December 16, 2014 (Revision 1)

Total Protection for Compliance: Unified IT Policy Auditing

ForeScout Extended Module for Tenable Vulnerability Management

SecurityCenter 5.0 SCAP Assessments. May 28, 2015 (Revision 2)

TIES for Microsoft CityNext Next-Generation Situational Awareness

Chapter 5: Vulnerability Analysis

Internet Scanner 7.0 Service Pack 2 Frequently Asked Questions

Think Like an Attacker

Threat Centric Vulnerability Management

<Partner Name> <Partner Product> RSA Ready Implementation Guide for. Rapid 7 Nexpose Enterprise 6.1

The Convergence of Security and Compliance. How Next Generation Endpoint Security Manages 5 Core Compliance Controls

The Convergence of Security and Compliance

Think Like an Attacker

Tenable.sc-Tenable.io Upgrade Assistant Guide, Version 2.0. Last Revised: January 16, 2019

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Skybox Security Vulnerability Management Survey 2012

Integration with Tenable Security Center

THE ACCENTURE CYBER DEFENSE SOLUTION

Community Edition Getting Started Guide. July 25, 2018

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

SOLUTION BRIEF. RiskSense Platform. RiskSense Platform the industry s most comprehensive, intelligent platform for managing cyber risk.

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

Information Security Office. Information Security Server Vulnerability Management Standards

Client Health Key Features Datasheet. Client Health Key Features Datasheet

Demystifying Governance, Risk, and Compliance (GRC) with 4 Simple Use Cases. Gen Fields Senior Solution Consultant, Federal Government ServiceNow

Automating the Top 20 CIS Critical Security Controls

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Continuously Discover and Eliminate Security Risk in Production Apps

SecOps : Security Operations. Saurav Sinha Head of Presales India

Symantec Security Monitoring Services

Comodo One Software Version 3.26

Vulnerability Management. If you only budget for one project this year...

SecurityCenter Upgrade Guide. July 21, 2015 (Revision 1)

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045

7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager

SIEM: Five Requirements that Solve the Bigger Business Issues

SecurityCenter 5.1 Upgrade Guide. November 12, 2015 (Revision 2)

McAfee Endpoint Threat Defense and Response Family

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

SPS Commerce Dashboards & Alerts User Guide

RSA IT Security Risk Management

IBM Security AppScan Enterprise v9.0.1 Importing Issues from Third Party Scanners

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

AKAMAI CLOUD SECURITY SOLUTIONS

Tenable SecurityCenter Data Feeds for RSA Archer IT Security Vulnerability Program

whitepaper How to Measure, Report On, and Actually Reduce Vulnerability Risk

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

Vulnerability Management & Vulnerability Assessment. Nessus Attack Scripting Language (NASL). CVE databases, NVD database

Managing Business Risk with Assurance Report Cards

IBM Proventia Management SiteProtector Sample Reports

PROFESSIONAL SERVICES (Solution Brief)

Enhancing Security With SQL Server How to balance the risks and rewards of using big data

An IP.com Prior Art Database Technical Disclosure

NIST Framework for Improving Critical Infrastructure Cybersecurity Technical Control Automation

Automated, Real-Time Risk Analysis & Remediation

Digital Defense Frontline VM 6.0

Device Discovery for Vulnerability Assessment: Automating the Handoff

Enhanced Threat Detection, Investigation, and Response

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

QUICK WINS: Why You Must Get Defensive About Application Security

Xerox and Cisco Identity Services Engine (ISE) White Paper

White Paper. How to Write an MSSP RFP

Qualys Cloud Platform

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Transcription:

HOW-TO GUIDE How to Transition from Nessus to SecurityCenter Reports Using SecurityCenter for continuous network monitoring and vulnerability assessment will give you a greatly expanded set of features to measure, analyze, and visualize your enterprise-wide security objectives. SecurityCenter can provide a whole new level of insight to help identify gaps where policies fail to meet business objectives, and provide granular detail for investigating and remediating risk. For longtime Nessus users, moving to SecurityCenter will involve a slight learning curve. Until you become familiar with the new dashboards and reports, we ve created the Nessus Scan Report to ease your transition. This report is modeled on the standard Nessus reporting template so you can easily access vulnerability details in a familiar format and avoid disruptions to your security analysis and response processes. Adding the Nessus Scan Report in SecurityCenter The Nessus Scan Report is available through the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. To access the report template in SecurityCenter, click on Reporting in the top menu. This will take you to the Reports page. Click Add.

When the Add Report screen appears, select the Threat Detection & Vulnerability Assessments category. Enter Nessus Scan in the search box to narrow the results, and then select Nessus Scan Report in the list provided. 2

When the Add Report Template screen appears, you will want to set a Focus. Without a focus, SecurityCenter will generate the report for all repositories, resulting in thousands of pages of data. The Focus section will help you narrow your report to only the Asset, IP address(es)/dns name(s), or Repository you are interested in seeing. For this example, we will select Asset. For more information on using assets, see our How to Use Assets with Dashboards and How to Add Assets to SecurityCenter how-to guides. Select your asset from the drop-down menu (we selected LAN 113). You can also click on and modify the title to keep track of which asset data is being presented in this particular report. 3

Once these changes are made, click Add at the bottom of the page. When you return to the report list, you will see that Nessus Scan Report LAN 113 has been created. Manually Adding an Asset to the Nessus Scan Report If the Nessus Scan Report template was installed without a focus defined or if you need to make other changes, you may need to edit the report. To edit, click on the name of the report or on Edit PDF Report in the drop-down menu from the gear icon at the end of the row. 4

In the Edit PDF Report screen, you will see three areas where you can modify the report. The first is General, where you can select cover page, header, footer, and Table of Contents options. 5

The Definition section will allow you to define which elements to include in the report. For the Nessus Scan Report, we will focus on the iterator and table elements listed in Chapter 2. The first report element we will discuss is the iterator grouping element. The grouping element dynamically applies a base filter to the elements within the iterator in this case, two paragraphs and two tables. 6

An iterator will loop through the query results and dynamically create these defined elements based on IP address, port, or vulnerability. To set how the iterator generates output, you can click on the pencil icon that appears when you mouse over the iterator. That will launch the Edit Iterator screen, where you will find the Iterator Type setting. 7

For this report, IP Summary is pre-selected to create the data in the Vulnerability by Host chapter that Nessus users expect to see. Within the Iterator, there are two table elements that can also be modified. By mousing over the table element, you can click on the pencil icon to edit. 8

The first table is a Results Summary. This will use the Severity Summary tool to provide a count of vulnerabilities by severity. Edit Table screen where you can modify the Results Summary report fields 9

The second table in the Nessus Scan Report iterator uses the Vulnerability Detail List tool. This table will provide all known information about each individual vulnerability for each IP address (as determined by the iterator). Edit Table screen where you can modify the Results Details fields 10

The third option on the left hand side of the Edit PDF Report screen is Distribution. The Distribution section allows you to determine how the report will be distributed after the PDF is generated. For more information on distribution, please see the SecurityCenter User Guide. Launching your Nessus Scan Report Once you ve created and edited your Nessus Scan Report, you are ready to generate the report. Click on the arrow on the right side of the screen to launch the report. 11

You will receive a confirmation if the launch is successful. If you click on Report Results at the top of the screen, you will see that Nessus Scan Report LAN 113 is running. Once the status shows Completed, you can view, publish, or email the results by clicking on the gear icon at the end of the row or download the results by clicking on the bullseye icon. 12

Viewing your Nessus Scan Report Key Comparisons There are a few minor formatting differences between native Nessus scan reports and SecurityCenter s Nessus Scan Report. These are outlined below. Title page and Table of Contents With SecurityCenter, you ll get the exact same set of information, but with the addition of: A confidentiality statement A repository identifier User ID of the individual who launched the scan An About this Report overview section Nessus title page and Table of Contents SecurityCenter title page and Table of Contents 13

Vulnerabilities by Host In Nessus, reporting on vulnerabilities by host will provide the following key information: Scan Information with start and stop times. Host Information with IP address, DNS name, and NetBIOS name, if available to the scanner. A Results Summary with a color-coded list of vulnerabilities by severity. Nessus vulnerability report With the Nessus Scan Report in SecurityCenter, you will get the same information with the following differences: Only the date and time of the Last Scan is displayed not scan start and stop times. Host IP address, DNS name, and NetBIOS name will be displayed at the top of the report, if available. The Results Summary is displayed vertically. The Total number of vulnerabilities will now appear above the Last Scan information and not in this section. This report will include added Repository information. 14

SecurityCenter Vulnerabilities by Host report Vulnerability Details SecurityCenter s Nessus Scan Report will include the same drill-down into vulnerability details that was available in the Nessus version. In addition to providing more detail, SecurityCenter does not use color-coded headers by severity in this section (red, orange, yellow, green, or blue). Instead, severity will be simply labeled through text. 15

Nessus vulnerability details SecurityCenter vulnerability details 16

For More Information If you are transitioning from Nessus to SecurityCenter and are interested in further information about the Nessus Scan Report, you can read more in our SecurityCenter Report Templates resources page or contact Tenable Support. About Tenable Network Security Tenable Network Security transforms security technology for the business needs of tomorrow through comprehensive solutions that provide continuous visibility and critical context, enabling decisive actions to protect your organization. Tenable eliminates blind spots, prioritizes threats, and reduces exposure and loss. With more than one million users and more than 20,000 enterprise customers worldwide, organizations trust Tenable for proven security innovation. Tenable's customers range from Fortune Global 500 companies, to the Department of Defense, to mid-sized and small businesses in all sectors, including finance, government, healthcare, higher education, retail, and energy. Transform security with Tenable, the creators of Nessus and leaders in continuous monitoring, by visiting tenable.com. 17

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback