With this Playbook app, you can launch and get scans from Tenable.io into ThreatConnect for further analysis and investigation. Tenable.io is a cloud-based vulnerability management for complete visibility into the assets and vulnerabilities in your organization. This app integrates with Tenable.io to include actions with ThreatConnect Playbooks in order to increase accuracy and efficiency by saving analysts from routine tasks and increasing response time and accuracy.
The following actions are available within the Playbook App:
- Launch Scan – Launch an existing scan using the Scan ID. You may want to launch a scan if you configured the scan to run on-demand only, or if you need to run a scheduled scan immediately.
- Get Scan Report – Returns scan results for the latest run of the specified scan. Uses Scan ID. It’s recommended ‘Retry’ be configured for this action.
- Get Asset Details – Returns details of the specified asset.
- Get Asset Vulnerabilities – Retrieves a list of the vulnerabilities recorded for a specified asset. The list returned is limited to 5,000.
- List Assets by Vulnerability – List all Assets associated with a specific Vulnerability.
This app can be found in the ThreatConnect app catalog under the name: Tenable.io