Tenable Integration Field Mapping

D_SantiagoHQY
Tera Contributor

‎06-14-2024 11:23 AM

Hello! I'm trying to map fields between our Tenable.IO and the ServiceNow Vulnerability Response plugin, on the Third Party Entry table. There are several fields that I need to know how those values are determined, or what field they correlate to in Tenable.IO. For example, the Exploit Skill Level, what's the corresponding field from Tenable.IO and how is it calculated in ServiceNow?

Labels:
0 Helpfuls
  • 1,324 Views
1 REPLY 1

andy_ojha
ServiceNow Employee
ServiceNow Employee

‎06-14-2024 01:26 PM

Hey there - the Docs Page has a great overview of the field mappings from Tenable (SC and IO) -> ServiceNow VR across the key tables involved:

-----------------------------------

That said, Exploit Skill Level - is not one of the traditional fields that are mapped directly from an Integration source / 3rd party Vuln Scanner like Tenable, Qualys, etc.  These typically map "Exploit Exists" for the most part.

"Exploit Skill Level", can be enriched on the Vulnerability Entry table, using the Shodan Exploit Enrichment integration.  This enriches the base CVE data, which can then be rolled up to Third-Party Entries that reference a given CVE.

Here is an example, of how "Exploit Skill Level" can be set on a Tenable plugin related Third-Party Entry, via the "Shodan Exploit Enrichment":

andy_ojha_0-1718396714695.png