Asset Management Using Tenable
To ensure that they are being properly monitored and protected based on each asset’s business risk rating, organizations need to be aware of the status of their critical assets. The dashboard for asset management overview gives a summary of the environment’s assets. Risk and security managers can use this data to make sure the organization’s security program is in line with the current business objectives.
According to the business value to the organization, assets must be protected. The business that owns the asset assigns risk ratings to the assets, which may contain data or offer services to the organization. To ensure that assets are properly monitored based on their importance to the business, security managers must inform business owners of the status of their assets. Technical safeguards must be in place, and assets must be protected from exploitation, according to operational teams.
Security analysts can drill down into technical details by clicking on the widgets in the Asset Management Overview dashboard, which gives executive management a summary of asset information at a glance.
Statistics, types, and vulnerabilities of assets as well as information on services and operating systems are all provided. These details can be used by security managers to decide whether the security program needs to be modified in light of the current asset status. Operational teams can use the data in this dashboard to assess how well assets are being monitored.
For security leaders to effectively address cyber risk and synchronize cybersecurity initiatives with business goals, they must see everything, predict what matters most, and act. To give a precise and comprehensive picture of an organization’s security posture, the licensed Tenable continuously discovers and analyzes assets. The licensed Tenable Web Application Security (WAS), Tenable, and Tenable Asset Data are necessary for this dashboard to function.
Tenable Asset Management Widgets
Stats regarding asset discovery
This widget provides statistics for Tenable licensed assets that were first noticed less than seven and thirty days ago, respectively. The number of assets that can be checked for vulnerabilities is determined by the Tenable licensed asset limit. The overall number of licensed assets is shown in the first section. The total number of recently discovered assets that are not deducted from the license is shown in the middle column. The number of licensed assets that were authenticated and scanned successfully is shown in the last column. The licensed Tenable Asset Data from Tenable Vulnerability Management, Tenable Web Application Security (WAS), and Tenable are prerequisites for this widget.
License Assets Sorted by Type
This widget identifies licensed asset types present in the environment of the organization. Hosts, web applications, domain records, containers, and cloud instances are examples of licensed asset types. Tenable Web Application Security (WAS), Tenable, and Tenable Asset Data is necessary for this widget to function. Tenable.cs, Tenable Lumin, and Attack Surface Management.
Most Popular Operating Systems
In this widget, the various operating systems that can be found in the environment are represented as a percentage. Managers can plan tasks and corrective action using this information. The chart lists the Top 10 most popular operating systems, but this value can be changed to suit local needs. When creating remediation tasks, managers can use this data to calculate the mitigation effort needed based on the volume of assets. The licensed Tenable Vulnerability Management (Nessus, NNM) is necessary for this widget.
Assets sorted by asset type
This widget categorizes the various asset types present in the environment of the organization. Hosts, web applications, domain records, containers, and cloud instances are examples of asset types. By determining the types of assets that are present in the environment, organizations can reduce potential security risks and support compliance efforts. The licensed Tenable Web Application Security (WAS), Tenable, and Tenable Asset Data from Tenable Vulnerability Management are necessary for this widget to function. Attack Surface Management, cs, and Tenable Lumin.
hosts with Web Application Scanning (WAS) vulnerabilities
This widget lists the hosts that have been found to have WAS vulnerabilities. It displays the host name and the quantity of WAS flaws. A Dynamic Application Security Testing (DAST) tool is Tenable WAS. To create a site map that contains all the pages, links, and forms for testing, a DAST crawls a live web application through the front end. After the DAST creates a site map, it queries the site through the front end to find any known vulnerabilities in the application’s custom code or in the third-party components that make up the majority of the application. In vulnerable versions of third-party components and custom web application code, Tenable WAS finds OWASP Top 10 vulnerabilities like cross-site scripting (XSS) and SQL injection. To ensure complete vulnerability coverage in contemporary web applications, it is imperative to address both types of vulnerabilities. Tenable Web Application Security (WAS) is a prerequisite for this widget.
Resources for Docker applications
This widget lists hosts that have been identified as having a Docker Service installed. The deployment of applications inside of software containers is automated by Docker, an open-source project. This widget shows information from Docker-related informational plugins, such as service detection, version detection, and container information. In addition to providing information, this widget does not provide Docker vulnerability information. Tenable Vulnerability Management (Nessus, NNM) is required for use of this widget.
Tracking assets that are owned by your company is possible with Tenable. On a network, assets are things of value that can be taken advantage of. This includes mobile devices, desktop computers, servers, routers, laptops, virtual machines, software containers, and cloud instances. The licensed Tenable assists in removing potential security risks, identifying underutilized resources, and supporting compliance initiatives by offering thorough information about the assets that belong to your organization.
When a scan is finished or the results are imported, Tenable automatically creates or updates assets. Tenable uses a sophisticated algorithm to attempt to match incoming scan data to existing assets. To select the ideal match, this algorithm considers properties of the scanned hosts and makes use of a number of heuristics. If Tenable is unable to find a match, the system assumes this is the first time Tenable has encountered the asset and makes a new record for it. In any other case, Tenable updates any properties of a matching asset whose values have changed since Tenable last encountered it. Tenable makes an effort to collect a variety of additional pieces of information about the asset in addition to vulnerability information, such as:
- DNS Names
- NetBIOS Name
- Operating System
- Installed Software
- UUIDS (Tenable, ePO, BIOS)
- Whether an agent is present
- Interfaces (IP address and MAC address)
