The Department of Homeland Security and the Department of Justice developed the CyberScope application to automate and standardize manual and automated data inputs for FISMA compliance reporting.
Tenable is uniquely positioned to provide the continuous reporting required by NIST standards for federal agencies. Tenable's solutions, built on the Unified Security Monitoring architecture, combine distributed Nessus vulnerability scanners, credentialed agentless auditing, real-time passive network monitoring, and enterprise-scale reporting.
Tenable's Unified Security Monitoring solutions help government organizations meet the demands of CyberScope reporting:
- Consolidate distributed active and passive vulnerability scan results into one CyberScope report.
- Use a single console to manage separate and discrete federal agencies. SecurityCenter offers tiered controls for users, organizations, vulnerability repositories, and consoles for CyberScope reporting.
- Tenable's world-renowned research team maintains an extensive set of over 55,000 active and passive plugins covering more than 20,000 unique CVE IDs and 12,000 unique Bugtraq IDs.
- Reports include CVSS scores, CVE IDs, CPE reports, and correlation with exploitation tools, when available.
Continuous Monitoring for CyberScope
Implement true continuous monitoring to meet CyberScope and NIST requirements by combining active and passive scanning with integrated analysis.
- Detect configuration and network device changes through real-time network and log monitoring, and active vulnerability and configuration audits.
- Automate and simplify the maintenance of ARF asset reports.
- Collect log and event data from a wide variety of sources, adding context and critical metadata to the vulnerability data reported to the CyberScope application.
- Update asset lists, CVE vulnerabilities, and CPE information based on hosts discovered through passive vulnerability scanning.
- Complement active scanning by monitoring what has changed on the network since the last scan.
- Provide client side vulnerability data for organizations that aren't performing credentialed patch audits.
Evaluate Nessus for Your Organization
Start your free 15-day Nessus vulnerability scanner trial.Evaluate
Compare SecurityCenter Editions
See what version of SecurityCenter is right for you.Compare
Schedule an enterprise evaluation of SecurityCenter to see your security and compliance information in a new way.Contact Us