Understanding the Tenable Vulnerability Integration

BhavaniYamsani
Tera Contributor

14 hours ago - last edited 14 hours ago

Integrating Tenable with ServiceNow Security Operations enables streamlined vulnerability management by importing and managing vulnerabilities directly within ServiceNow. Follow these steps to configure the integration:

 

Step 1: Install the Vulnerability Response Integration

  1. Log in to your ServiceNow instance.
  2. Navigate to the ServiceNow Store and download the Vulnerability Response Integration with Tenable application.
  3. Use the Setup Assistant in the Vulnerability Response module to install and configure the integration.

 

Step 2: Configure Tenable Connector

  1. Navigate to the Tenable Connector in ServiceNow.
  2. Select the appropriate Tenable product (e.g., Tenable.ioTenable.sc, or Tenable.cs) based on your environment.
  3. Provide the required API credentials for Tenable: API Key or Access Token for authentication. MID Server configuration if using an on-premises Tenable.sc instance.

 

Step 3: Set Data Retrieval Parameters

  1. Define the scope of data to import: Specify asset and vulnerability filters (e.g., severity levels like High or Critical). Configure schedules for asset and vulnerability imports.
  2. Enable asset tags in Tenable.io to organize imported assets in ServiceNow's CMDB.

 

Step 4: Map Assets to Configuration Items (CIs)

  1. Use CI Lookup Rules to match imported assets from Tenable with existing CIs in ServiceNow's CMDB.
  2. For unmatched assets, configure rules to create new CIs automatically.

 

Step 5: Validate Integration

  1. Test the configuration by running a manual data import.
  2. Verify that vulnerabilities and assets are correctly imported into ServiceNow's Vulnerability Response module.

 

Best Practices

  • Use filters to limit imported vulnerabilities to relevant data, reducing noise.
  • Schedule regular imports and scans for up-to-date vulnerability data.
  • Enable auto-closing of stale vulnerable items to maintain a clean database.

 

This integration enhances visibility into vulnerabilities, enabling efficient prioritization and remediation.

 

Mark It as HELPFUL, if you found this as informational.


Thanks & Regards
Yamsani Bhavani
ServiceNow Developer - SecOps, GRC

Preview file
81 KB
  • 82 Views
0 REPLIES 0