Guidance for Tenable for ITSM and Tenable for Asset
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎12-14-2022 01:18 AM
I'm hoping to get some guidance/advice from someone who is currently using the Tenable for ITSM and Asset applications. As an organisation we do not purchase the SecOps modules in ServiceNow so cannot make use of the paid Tenable VR connector which all of the guidance videos online appear to relate to.
As it stands I currently have the connectors setup and pulling in Asset and Vulnerability information into ServiceNow. The core import table appears to be x_tsirm_tio_itsm_data_source_import which is then transformed to x_tsirm_tio_itsm_vulnerability for vulnerabilities. I'm struggling with a couple of bits of information:
CVSS Score - This would appear to be a core metric required for the import. The advanced field options on the Incident Rules (Tenable Incident Rule Guidance) suggests cvssbasescore should be available somewhere but I cannot find it any of the data. Is anyone able to point me to where this sits.
VPR Score - As above except this is pulling in to plugin (although doesn't show on the default view) but I cannot see where this is coming from. I'm happy it's there but none of the imported items in the x_tsirm_tio_itsm_data_source_import have anything in the vpr_score field so I'm not sure how they data is getting in. This one is more to try and understand how it works.
Incident Rules - What exactly are the point of these? I've setup a few basic ones but nothing appears to happen after the import run and there isn't a way to manually trigger them from what I can see? As it stands I have done my own scripting from the transform maps as we ultimately want the items logged to a different table than incident but it would be good to understand the intended use.
Hopefully my explanations are clear and any guidance would be appreciated. I have been through all of the provided guidance it doesn't go into the detail I am looking for.