Unify vulnerability detection and remediation with the ManageEngine-Tenable.io integration

Unify vulnerability detection and remediation with the ManageEngine-Tenable.io integration

According to the latest Ransomware Spotlight Year End report, 56% of the 223 older vulnerabilities identified prior to 2021 are still actively exploited and used as the entry points to ransomware attacks. This warrants the question of why enterprises aren’t patching vulnerabilities regularly. Most large organizations struggle to close the communication gap between their ITOps team and SecOps team, which primarily causes delay and disruption in critical, inter-related activities like vulnerability detection and patch management.

With the explosion of endpoints and employees using mobile devices and BYOD devices to get their work done, it is imperative that the enterprise IT and security teams have a centralized view on what’s happening in their networks. Despite this, we find that most organizations are still grappling with legacy and traditional practices. The time that organizations hesitate to spend on selecting a modern approach to security is wasted on resolving actual issues amidst the noise.

Vulnerability detection and patch management from the same console

With the ManageEngine – Tenable.io integration, we are aiming at reducing the redundant back and forth between the ITOps and SecOps teams in detecting an issue and remediating it.

Tenable.io, one of the best vulnerability assessment and detection tools in the market, can now be integrated with ManageEngine patch management solutions, some of the market’s most customizable and light patching solutions. Joining forces to remedy a handicap that most large enterprises today face, this integration leverages the vast vulnerability coverage of Tenable.io with the automated and flexible patch management practices of Patch Manager Plus.

With the ManageEngine – Tenable.io integra-tion, you can

  • Utilize the vast vulnerability coverage that Tenable.io offers.
  • Automatically correlate detected vulnerabilities with their released patches.
  • Leverage the premium features, flexibility, and customizability that ManageEngine offers in patch testing and deployment across endpoints.
  • Prioritize patches by comparing vulnerabilities based on the vulnerability priority rating (VPR).
  • Centralize asset data for better visibility and operation.
  • Shorten vulnerability resolution times, preventing delays in tending to critical vulnerabilities.
  • Help ITOps and the SecOps teams better coordinate with each other.
  • See the most up-to-date vulnerability remediation status with regular scanning.

ManageEngine products that support the inte-gration

This integration is supported for the following ManageEngine products from build version 11.1.2236.02:

  • Endpoint Central
  • Endpoint Central Cloud
  • Patch Manager Plus
  • Patch Manager Plus Cloud

This integration displays patches for vulnerabilities listed under the following categories:

  • Windows
  • Windows: Microsoft Bulletins
  • Databases
  • Misc.

Getting started with the integration

Integrating Tenable.io with ManageEngine products is a simple two-step process that includes:

  • Generating the API keys in Tenable.io.
  • Configuring the API settings in ManageEngine products.

Generate API keys in Tenable.io

  • To generate Tenable.io API keys, you need to have Administrator access to Tenable.io.
  • If you have Administrator privileges, you can generate the required API keys by following this user guide from Tenable.io.
  • Once you click Generate, Tenable.io generates an Access Key and Secret Key. Store these keys in a secure location.

Configure API settings in your ManageEngine products

  • Navigate to Admin > Integration > Threat scanner settings. Only users with Administrator privileges can configure the API settings.
  • Enter the Access Key and the Secret Key.
  • Enable or disable Asset export from ManageEngine to Tenable.io
  • Configure the frequency at which you want the data sync to happen.
  • Click Save to enable the integration.

Contact us about Patch Manager Plus or Endpoint Central to get the full benefits of this integration.

Deel deze post
Lightweight Directory Access Protocol (LDAP) decoded for beginners