Академический Документы
Профессиональный Документы
Культура Документы
io Cloud Script
Tenable.io Cloud “SaaS” Platform walkthrough is made
up of several key points which are listed below.
• Platform Overview:
• Key Capabilities:
o Elastic Licensing Model
o Asset Model Licensing
o Asset Tracking
o Unlimited use of Sensors
• Highlight Features:
• Use Cases:
o Internal Assessments
o External Assessments
o Scan-less Assessments
o Agents Assessments
o Mobile Device Assessments
o Cloud Assessments
• Tenable.IO SaaS Benefits
Tenable.io delivers visibility and insight for all legacy and modern assets.
1. Discovery
2. Assessment
3. Remediation
4. Validation
---Pause---
Let’s begin with a quick overview of Tenable.io and some of the terms we’ll
use throughout this demo; Workbench, Dashboard and Report:
Workbench:
The Vulnerabilities Workbench breaks down the use of Tenable.io, by your scan
operations, vulnerabilities detected, plugins used, and information about your
scanned assets.
Dashboards:
(Navigate to Outstanding Remediation Tracking Dashboard)
Dashboards are helpful for tracking program success they allow you to report on
the vulnerabilities for over a period of time. They help provide you with the
number of scans run over a given time, the types of scans being run, and what
percentage of data came from authenticated scans vs. what failed.
With Tenable.io you can generate reports in a multitude of ways. The first
approach uses a variety of built-in dashboards.
Dashboards use cumulative data gathered from all sensors and all of the scan
results data. This method provides the most comprehensive view of the overall
program.
You can export any dashboard in a variety of formats for easy distribution. Or,
you can also use our advanced filtering capability to narrow the results displayed
in the dashboard.
This is very useful when creating different reports; for example, a report for your
system administrators showing all vulnerabilities within the past 30 days that
have not yet been patched and or remediated.
This helps target results providing only the relevant information to the desired
audience.
Reports:
(Navigate to Reports Tab)
Prevent information overload by creating reports that other team members can
use that is specific to their job, workflow and task. A simple and intuitive way to
share information and results are utilized for our built-in report templates. These
reports are quick to create and to identify many of the top threats and display the
oversight of the Vulnerability Management program metrics.
Similarly, as with other workflow, Workbench and Dashboard these items can be
shared with team members within Tenable.io, or exported for distribution in
various format for further evaluation and dissemination.
When a new high-profile threat is disclosed, you can quickly scan your assets
specifically for that threat. You would create a report using those scan results
and send it to concerned stakeholders in order to help determine the business
impact as well as the best way to mitigate the threat.
Tenable.io gains even more intelligence by integrating third party data into its
platform including threat intelligence, asset data, and other indicators of security
health.
Tenable.io can easily integrated into third party Security and IT Operations tools
including ticketing, CMDBs, and systems management to prioritize remediation,
enhance IT service delivery and integrate Cyber Exposure into your
organization’s overall IT risk and compliance framework.
---Pause---
---PAUSE---
Now Let’s Look at Tenable.io and How you can Utilize Unlimited
deployment of Sensors:
(Navigate back to Dashboards and then to Assets Workbench)
What this says for you as the customer is that you are no longer paying for
the scanning engines and or agents, as you do with many other
vulnerability management companies. This is not only a cost savings but
allows you to change your vulnerability management ecosystem as your
network and Cyber Security exposure risks change.
---PAUSE---
What are the Tenable.io Asset Discovery and Asset Tracking methods:
By connecting various sensors to Tenable.io, you can discover all of your assets
across your organization. The discovery methods include scanning with Nessus
Scanner on premises, Nessus Cloud Scanners, Nessus Network Monitoring
and/or Nessus Agents.
By simply creating and launching a scan of your environment using the built-in
Host Discovery Scan Template and on-site Nessus Scanner, you can begin to
populate Tenable.io with asset data within minutes of deployment.
For externally facing asset with direct access to the internet or in a DMZ you can
utilize our Nessus Cloud base scanners to identity all of your external devices.
Passive listening is another effective way to identify all approved assets and
rogue assets on your network by utilizing Nessus Network Monitor sensor on
premises for a set of IP address space. This is very effective for continuous
vulnerability scanning and provide vulnerability insight between active scans.
You could also identify assets using Nessus Agents incorporating the agents in
your organization standard system image is an easy way to deploy them this
ensures all newly deployed assets including desktops laptops, critical servers,
virtual machines and cloud-based systems can be accounted for and scanned.
---PAUSE---
Let’s Take a Minute and Review Some of the Use Cases:
(Navigate to the Scans Tab and Select ‘New Scan’)
Keep in mind that we’re only covering a handful of the Detection use cases here
and yours may vary. These are some of the most popular use cases used today
in Tenable.io.
These are also very useful in detecting the non-standard assets that we see in
the workforce these days. As the explosion of IOT continues, so does the threat
surface for any attackers that attempt to circumvent security controls or exploit
vulnerabilities within your network beyond the traditional infrastructure devices
mentioned earlier. This is what we call Cyber Exposure. Here, we would
initially utilize the Host Discovery Scan and then could chose a number of other
choices for additional scans, such as the Basic Network Scan or Advanced
Network Scan.
One strong reason for scanning against your public IP space is to identify assets
you didn't even know you had typically external scans gather data from the
hacker point of view.
It doesn’t require any deployment of any sensors and most of the time, external
scans typically don’t require any credentials or authenticated scans.
An external scan can be configured and run within 5 min of launching the
Tenable.io portal. An Advanced Network Scan here utilizing the Tenable.io cloud
based scanners help provide you external visibility into your infrastructure.
This helps to better prioritize unpatched systems along with their vulnerabilities
and for distribution of updates and hotfixes.
They are an ideal way to scan for remote or mobile workforce and also works
great in cloud environments. Agent scan is the same as for a credentialed
internal credentials assessment that gather similar data on the systems.
Well, what about all of those mobile phones, tablets and non-corporate
owned devices? We offer Mobile Device Assessments in that case.
(Navigate back to the Scanner Tab, highlight Mobile Device Scan)
Our Last Detection Use Case we’re going to cover today is Cloud
Assessments
(Highlight Audit Cloud Infrastructure Icon)
Cloud assessments gather similar data to a cloud provider for example you may
have systems and services with Amazon Web Services to support your business.
To assess those workloads, you can either deploy a pre-authorized Nessus
scanner with an AWS; or install agents on individual EC2 instances.
We’ve touched on just a few of the available scans and capabilities of Tenable.io
SaaS offering.