Configure Tenable Security Center
Required User Role: Security Manager
Note: See the Tenable Security Center User Guide for information about user role configuration.
Before you begin:
- You must have Tenable Security Center 5.7+.
- Install the Tenable Plugin for JIRA.
- In JIRA, identify or create the project where you want the plugin to create vulnerability issues.
- You must have administrative access privileges in JIRA.
-
For plugin versions 10.1.0 and later, you must use API keys for authentication.
Note: For your Tenable Security Center integration:
- For more information about API keys, see Enable API Key Authentication and Generate API Keys.
- Record/store your API token and key. This is required to Reset the Plugin, if needed.
To configure Tenable Security Center:
- Log in to JIRA.
- Click
> Add-ons.
-
In the left navigation pane, click Tenable Security Center Configuration.
The Tenable Security Center Configuration page appears.
-
Use the following table to fill in the appropriate JIRA options.
Option Name Description Input Enabled (Optional) When enabled, Tenable Security Center starts collecting data. When disabled, Tenable Security Center stops collecting data.
Note: If you stop data collection, then start it again, Tenable Security Center provides data from the point where you previously stopped.
Check box Address The data collection source. IP address or hostname Access Key Ensures user account authentication. User access key Secret Key Ensures user account authentication User secret key Verify SSL If enabled, JIRA verifies the SSL Certificate in Tenable Security Center. Check box Sync Since (Optional) Specifies the start date of the vulnerability data you want to collect from Tenable Security Center. If you do not specify a start date, data collection starts from the last date you last enabled data collection.
Caution: If this option is changed, you must click the Reset Add-on button to save this change.
Date
mm/dd/yyyy hh:mm
Filter Type Can be Severity (default) or Custom Query. Check box Lowest Severity to Store Specifies the lowest level of severity of the vulnerabilities you want to collect from Tenable Security Center. Tenable Security Center severity levels include the following:
- info - The vulnerability has a CVSS score of 0
- low - The vulnerability has a CVSS score between -0.1 and 3.9.
- medium - The vulnerability has a CVSS score between 4.0 and 6.9.
- high - The vulnerability has a CVSS score between 7.0 and 9.9
- critical - The vulnerability has a CVSS score of 10.0
Drop-down box Interval Specifies the interval, in minutes, at which JIRA queries Tenable Security Center for vulnerability data. This interval must be set between 60 and 1,440 minutes. Minutes Group By Specifies the grouping mechanism to use when creating JIRA tickets.
-
Vulnerability - Grouped by vulnerability ticket.
- Asset - Grouped by asset ticket.
Note: This drop-down is only enabled if you choose a new project in the Default Project drop-down.
Drop-down box Query Name Specifies the user-created query name in Tenable Security Center. (Case Sensitive) Note: Select Vulnerability Detail List as the tool to use against the data from the drop-down in the top-left of the page.
Drop-down box Default Project Specifies the project where JIRA creates new vulnerability issues.
Caution: If you change this option after initial configuration, you must click Reset Add-On to save your change.
Drop-down box Default Assignee Specifies the user to whom the plugin automatically assigns the vulnerability issues.
Note: The list only displays users that are members of the following groups: jira-administrators, jira-software-users, jira-core-users, and jira-servicedesk-users.
Drop-down box Default Reporter Specifies the owner of all items in Jira created from add-on.
Note: The list only displays users that are members of the following group: jira-administrators.
Drop-down box Custom Priority Mapping Enable this to provide a custom Tenable severity to the Jira priority mapping you select for each Tenable severity.
Severity mapping includes the following:
- Info
- Low
- Medium
- High
- Critical
Toggle Enable Proxy (Optional) Enables the plugin to collect Tenable Security Center data via a proxy server. If you select this option, the plug- in prompts you to enter the following:
- URL - (Required) The URL of the proxy server.
- Username - (Optional) The username that JIRA uses to connect to the proxy server.
- Password - (Optional) The password that JIRA uses to connect to the proxy server.
Note: The username and password are optional if you use a proxy without authentication.
Check box and text boxes - Click Save, or if you have changed the Default Project or Sync Since options, click Reset Add-on.
- Once the configuration is saved, the plugin creates custom fields in JIRA.