The Department of Homeland Security and the Department of Justice developed the CyberScope application to automate and standardize manual and automated data inputs for FISMA compliance reporting.
Tenable is uniquely positioned to provide the continuous reporting required by NIST standards for federal agencies. Tenable's solutions, built on the vulnerability, threat and compliance management platform, combine distributed Nessus vulnerability scanners, credentialed agentless auditing, real-time passive network monitoring, event log collection/correlation and enterprise-scale reporting.
Tenable's Vulnerability, Threat and Compliance management solutions help government organizations meet the demands of CyberScope reporting:
- Consolidate distributed active and passive vulnerability scan results into one CyberScope report.
- Use a single console to manage separate and discrete federal agencies. SecurityCenter offers tiered controls for users, organizations, vulnerability repositories, and consoles for CyberScope reporting.
- Tenable's world-renowned research team maintains an extensive set of over 60,000 active and passive plugins covering more than 23,000 unique CVE IDs and 16,000 unique Bugtraq IDs.
- Reports include CVSS scores, CVE IDs, CPE reports, and correlation with exploitation tools, when available.
Continuous Monitoring for CyberScope
Implement true continuous monitoring to meet CyberScope and NIST requirements by combining active and passive scanning with integrated analysis.
- Detect configuration and network device changes through real-time network and log monitoring, and active vulnerability and configuration audits.
- Automate and simplify the maintenance of ARF asset reports.
- Collect log and event data from a wide variety of sources, adding context and critical metadata to the vulnerability data reported to the CyberScope application.
- Update asset lists, CVE vulnerabilities, and CPE information based on hosts discovered through passive vulnerability scanning.
- Complement active scanning by monitoring what has changed on the network since the last scan.
- Provide client side vulnerability data for organizations that aren't performing credentialed patch audits.
Discover the solution that's right for you.Try Now
Compare SecurityCenter Editions
See what version of SecurityCenter is right for you.Compare
Schedule an enterprise evaluation of SecurityCenter to see your security and compliance information in a new way.Schedule a Demo