Steven McGrath

icon indicating a website link http://stevemcgrath.io icon indicating an email [email protected]

icon company Tenable, Inc. icon location Chicago, IL

Results 121 comments of Steven McGrath

The filter 'wasVuln' is invalid (valid filters: acceptedRisk, acceptRiskStatus, assetID, auditFileID, benchmarkName, cceID, cpe, cveID, baseCVSSScore, cvssVector, cvssV3BaseScore, cvssV3Vector, dataFormat, daysMitigated, daysToMitigated, dnsName, exploitAvailable, exploitFrameworks, familyID, firstSeen, iavmID, ip, lastMitigated, lastSeen, mitigatedStatus, msbulletinID, outputAssets, patchPublished, pluginModified, pluginPublished, pluginID, pluginName, pluginText, pluginType, policyID, port, protocol, recastRisk, recastRiskStatus, repositoryIDs, responsibleUserIDs, vulnRoutedUserIDs, vulnRoutingRuleID, severity, solutionID, stigSeverity, tcpport, udpport, uuid, vulnPublished, wasMitigated, xref, vprScore, assetCriticalityRating, hostUUID, assetExposureScore, aesSeverity, netbiosName).

This is related to running an older version of Security Center. pyTenable (the underlying library that drives the tenable side of the integration) requires version 6.2 or greater. The wasVuln...

The filter 'wasVuln' is invalid (valid filters: acceptedRisk, acceptRiskStatus, assetID, auditFileID, benchmarkName, cceID, cpe, cveID, baseCVSSScore, cvssVector, cvssV3BaseScore, cvssV3Vector, dataFormat, daysMitigated, daysToMitigated, dnsName, exploitAvailable, exploitFrameworks, familyID, firstSeen, iavmID, ip, lastMitigated, lastSeen, mitigatedStatus, msbulletinID, outputAssets, patchPublished, pluginModified, pluginPublished, pluginID, pluginName, pluginText, pluginType, policyID, port, protocol, recastRisk, recastRiskStatus, repositoryIDs, responsibleUserIDs, vulnRoutedUserIDs, vulnRoutingRuleID, severity, solutionID, stigSeverity, tcpport, udpport, uuid, vulnPublished, wasMitigated, xref, vprScore, assetCriticalityRating, hostUUID, assetExposureScore, aesSeverity, netbiosName).

You should likely update Security Center to a supported version, 6.4 is current, and Tenable supports down to 6.2

Support to sync Audit findings

Let me add this to the backlog.

Support to sync Audit findings

So looking into this new, audit findings in TSC should _just_ pull. TVM would likely require a completely new mapping and a lot of effort to make this work. Trying...

Support to sync Audit findings

so an update here, after a lot of investigating it seems to make more sense to have a separate project for the audit findings. the data is sufficiently different enough...

Create a task for each host and a sub-task for each vulnerability

Totally possible, would simply require adjusting the config file by switching the task and subtask settings and adjusting the fields to properly support this. I will note that at the...

Create a task for each host and a sub-task for each vulnerability

If your trying to blend in multiple integration sources and you want to ensure no conflict occurs, you may want to add a field that is simply a static value,...

Create a task for each host and a sub-task for each vulnerability

Yeah the current configuration examples make a lot of assumptions on the predominant workflow of Vuln->Asset. Let me know of the tenant blending is working. if it is I'll consider...

Create a task for each host and a sub-task for each vulnerability

The entire cleanup mechanisms would have to be refactored to support this. Closing for now as "wont-do"

During the synchronization process, unauthorized information (tag information) was also synced to Jira.

The integration will pull all tags for the filtered assets as provided by the API. While the assets are filtered to specific tags, all tags associated to those assets will...