Tenable.sc Fixed Vulnerabilities Integration - Question

Maloy Banerjee1
Tera Expert

‎02-22-2024 09:00 PM

Hi All,

 

I have some questions related to the Tenable.sc Integration Job - Tenable.sc Fixed Vulnerabilities Integration.

1. My client doesn't want to create Vulnerable Items for the vulnerabilities that are fixed. Do I need to run this job?

2. If I have to run this job, then as per the best practice, what should be the 'Start Time' for this job (how much legacy data should be pulled)?

MaloyBanerjee1_0-1708618061923.png

 

3. Currently, I am running the fixed vulnerabilities integration job by setting the start time as 6 months ago but it is also scanning IP addresses that are decommissioned and as a result, it is creating unwanted CIs in ServiceNow. As per the Tenable SPOCs, there is no way to filter the decommissioned CIs from the Tenable end. Therefore, is there a way we can restrict the creation of CIs for the IP addresses that are decommissioned in Tenable?

 

Can you please suggest to me a suitable approach for the above question? I believe there is one common solution for the above 3 questions and my gut feeling says to set the start time as a delta date instead of a legacy date. e.g. If I am running the job in prod today, then my start time will be today's date.

 

 

Regards,

Maloy Banerjee

0 Helpfuls
  • 548 Views
1 REPLY 1

sach1
Tera Guru

‎08-25-2025 07:38 AM

hi @Maloy Banerjee1 , what is the answer to question 1 ? Do we need to run this job to close open vulneabilities. Documentation is not clear.

0 Helpfuls