Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

SecurityCenter 4.6.2 Provides Enhanced CyberScope Monitoring and Reporting

With the release of SecurityCenter 4.6.2, Tenable has added to its CyberScope monitoring and reporting capabilities by enabling federal organizations to easily report on information about assets and exchange security assessment results and device inventories of multiple IT assets at an aggregate level.

CyberScope LASR reporting

SecurityCenter-CV now includes integrated support for CVE and CPE vulnerabilities and is the only solution that provides consolidated CPE, CVE, and CCE feeds.

Previously, the passive sniffing capability of PVS uniquely detected vulnerabilities with CVE identifiers and CPE information for assets throughout the network. As a result, SecurityCenter-CV made monitoring and reporting efforts easier and more accurate than with just pure scanning alone.

CVE, CCE, and CPE Information by Asset Group

SecurityCenter can now generate a CyberScope/LASR directly from the application. Previously, generating a CyberScope report required the xTool utility to connect to SecurityCenter, pull the data, and then generate the report. With this release, users can publish CyberScope and all other reports directly from SecurtyCenter.

In addition, two new reports are now available to support CyberScope projects:

Asset Reporting Format (ARF)

The ARF report defines a data model used against assets (i.e., computing device), asset identification information, and the relationship between the two. A few examples of an ARF report generated by SecurityCenter are:

Parent level organization of the asset Child organization name of the asset Sub-children of the asset Person Geo-Location The role of the ARF is to gather and identify the assets on the network and then tag particular attributes to those assets. This is done in order to later associate vulnerability and other types of information generated in other reports against these assets.

Assessment Summary Results (ASR)

SecurityCenter can now generate ASR reports which are designed to exchange vulnerability results of multiple assets at the aggregate level. While ARF documents contain very detailed information about few assets, ASR reports contain summarized information about many assets for a single vulnerability. Examples of what is generated in an ASR report by SecurityCenter:

  • CCE info
  • IAVM info
  • CVE
  • PluginID

By parsing both ARF and ASR reports, customers can use their own methods of tracking and mitigating vulnerable hosts across their organization. They can also pull in reports generated by other tools and parse that against what SecurityCenter is providing them.

Conclusion

These enhancements provide better metrics, improved knowledge of security posture, and more complete and accurate information about each asset for CyberScope initiatives.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.