Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Tenable

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
Infoblox & Tenable.io Integration 2.0 Templates and Deployment Guide
New Member
Posts: 10
Registered: ‎06-24-2019
New Member
Posts: 12

We are excited to bring you the latest integration with Tenable.io.

 

Infoblox provides Tenable.io with resources such as IP addresses, hosts, and potential threats and in exchange Tenable.io gets improved management on assets and the ability to automatically trigger scans when security events occur. The integration with Infoblox and Tenable.io allows for quicker remediation and more insight into the entire network.

 

In addition to the features provided in the first version of the templates found here, we have expanded the synchronization of assets between Tenable.io and Infoblox. This integration is built with the Infoblox Outbound REST API.

 

In the attached files you will find the templates for the Tenable.io integration in JSON format and the deployment guide. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.

 

The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level.

 

Extensible Attributes

Description

Type

TNBL_IO_Add_by_Hostname

Whether or not using a host’s name as the target name is desired (otherwise will use its IP as the target name). The hostname should be resolvable by Tenable.io.

List

(true, false)

TNBL_IO_Last_Scan

Timestamp when target was last scanned by Tenable.io.

String

TNBL_IO_Scan_On_Add

Whether or not a target will be scanned upon creation.

List

(true, false)

TNBL_IO_Scan

Whether or not a target will be scanned after a security event.

List

(true, false)

TNBL_IO_Sync

Whether or adding the target to the Target Group list of targets is desired.

List

(true, false)

TNBL_IO_Scan_Template

Name of the scan that will scan the target. It must match an active scan on Tenable.io.

String

TNBL_IO_Asset_Sync

Whether or not syncing asset events with Tenable.io is desired.

List

(true, false)

TNBL_IO_Sync_Time

Timestamp when the asset was added to Tenable.io.

String

TNBL_IO_Target_Group

A target group allows you to set permissions on which targets (FQDNs, CIDR notations, ranges, or IP addresses) users can scan.

String

 

Showing results for 
Search instead for 
Did you mean: