TOC & Recently Viewed

Recently Viewed Topics

Compliance

Tenable.io can perform vulnerability scans of network services and log into servers to discover any missing patches.

However, a lack of vulnerabilities does not mean the servers are configured correctly or are “compliant” with a particular standard.

You can use Tenable.io to perform vulnerability scans and compliance audits to obtain all of this data at one time. If you know how a server is configured, how it is patched, and what vulnerabilities are present, you can determine measures to mitigate risk.

At a higher level, if you aggregate this data for an entire network or asset class, you can analyze security and risk globally. This allows auditors and network managers to spot trends in non-compliant systems and adjust controls to fix these on a larger scale.

When configuring a scan or policy, you can include one or more compliance checks.

Audit Capability Required Credentials Description
Adtran AOS SSH A predefined or custom audit policy file to be specified to test Adtran AOS based devices against compliance standards.
Amazon AWS Amazon AWS A predefined or custom audit policy file to be specified to test a Amazon AWS account against compliance standards.
Blue Coat ProxySG SSH A predefined or custom audit policy file to be specified to test Bluecoat ProxySG based devices against compliance standards.
Brocade FabricOS  SSH A predefined or custom audit policy file to be specified to test Brocade FabricOS based devices against compliance standards.
Check Point GAiA SSH A predefined or custom audit policy file to be specified to test CheckPoint GAiA based devices against compliance standards.
Cisco IOS SSH A predefined or custom audit policy file to be specified to test Cisco IOS based devices against compliance standards.
Citrix XenServer SSH A predefined or custom audit policy file to be specified to test Citrix XenServer host against compliance standards.
Database Database credentials A predefined or custom audit policy file to be specified to test Database servers against compliance standards.
Dell Force10 FTOS SSH A predefined or custom audit policy file to be specified to test Dell Force10 FTOS based devices against compliance standards.
Extreme ExtremeXOS SSH A predefined or custom audit policy file to be specified to test Extreme ExtremeXOS based devices against compliance standards.

F5

F5

A predefined or custom audit policy file to be specified to test F5 based devices against compliance standards.

FireEye SSH A predefined or custom audit policy file to be specified to test FireEye based devices against compliance standards.
Fortigate FortiOS SSH A predefined or custom audit policy file to be specified to test Fortigate FortiOS based devices against compliance standards.
HP ProCurve SSH A predefined or custom audit policy file to be specified to test HP ProCurve based devices against compliance standards.
Huawei VRP SSH A predefined or custom audit policy file to be specified to test Huawei devices against compliance standards.
IBM iSeries IBM iSeries A predefined or custom audit policy file to be specified to test IBM iSeries servers against compliance standards.
Juniper Junos SSH A predefined or custom audit policy file to be specified to test Juniper Junos based devices against compliance standards.
Microsoft Azure Microsoft Azure A predefined or custom audit policy file to be specified to test Microsoft Azure accounts against compliance standards.
Mobile Device Manager AirWatch/Apple Profile Manager/Mobileiron  A predefined or custom audit policy file to be specified to test Mobile Device Management systems against compliance standards.
MongoDB MongoDB A predefined or custom audit policy file to be specified to test MongoDB servers against compliance standards.
NetApp Data ONTAP SSH A predefined or custom audit policy file to be specified to test NetApp DataONTAP devices against compliance standards.

OpenStack

OpenStack

A predefined or custom audit policy file to be specified to test OpenStack devices against compliance standards.

Palo Alto Networks PAN-OS PAN-OS A predefined or custom audit policy file to be specified to test Palto Alto Networks PAN-OS based devices against compliance standards.
Rackspace Rackspace A predefined or custom audit policy file to be specified to test Rackspace accounts against compliance standards.
RHEV RHEV A predefined or custom audit policy file to be specified to test Red Hat Enterprise Virtualization servers against compliance standards.
Salesforce.com Salesforce SOAP API A predefined or custom audit policy file to be specified to test Salesforce accounts against compliance standards.
SonicWALL SonicOS SSH A predefined or custom audit policy file to be specified to test SonicWALL SonicOS based devices against compliance standards.
Unix SSH A predefined or custom audit policy file to be specified to test Unix servers against compliance standards.
Unix File Contents SSH A predefined or custom audit policy file to be specified to test Unix servers for sensitive content such as SSN, credit cards etc.
VMware vCenter/vSphere VMware ESX SOAP API or VMware vCenter SOAP API A predefined or custom audit policy file to be specified to test VMware vCenter/vSphere servers against compliance standards.
WatchGuard SSH A predefined or custom audit policy file to be specified to test WatchGuard devices against compliance standards.
Windows Windows A predefined or custom audit policy file to be specified to test Windows servers against compliance standards.
Windows File Contents Windows A predefined or custom audit policy file to be specified to test Windows servers for sensitive content such as SSN, credit cards etc.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.