We are excited to bring you the latest integration with Tenable.io.
Infoblox provides Tenable.io with resources such as IP addresses, hosts, and potential threats and in exchange Tenable.io gets improved management on assets and the ability to automatically trigger scans when security events occur. The integration with Infoblox and Tenable.io allows for quicker remediation and more insight into the entire network.
In addition to the features provided in the first version of the templates found here, we have expanded the synchronization of assets between Tenable.io and Infoblox. This integration is built with the Infoblox Outbound REST API.
In the attached files you will find the templates for the Tenable.io integration in JSON format and the deployment guide. The templates are provided “as-is” and should be tested in your lab environment and modified as needed before implementing them into production.
The templates require extensible attributes described in the table below. It is recommended to inherit attributes with the default values from the network view level.
Whether or not using a host’s name as the target name is desired (otherwise will use its IP as the target name). The hostname should be resolvable by Tenable.io.
Timestamp when target was last scanned by Tenable.io.
Whether or not a target will be scanned upon creation.
Whether or not a target will be scanned after a security event.
Whether or adding the target to the Target Group list of targets is desired.
Name of the scan that will scan the target. It must match an active scan on Tenable.io.
Whether or not syncing asset events with Tenable.io is desired.
Timestamp when the asset was added to Tenable.io.
A target group allows you to set permissions on which targets (FQDNs, CIDR notations, ranges, or IP addresses) users can scan.