Tenable Vulnerability Management Priority Scanning for CyberArk

Tenable Vulnerability Management queries CyberArk using a priority system that allows for flexible querying. The steps below describe the order in which Tenable Vulnerability Management tries values and the logic behind that order.

  1. Tenable Vulnerability Management will query CyberArk with the target value entered into the Tenable Vulnerability Management Targets configuration field. For example, if you put an FQDN in the target list, Tenable Vulnerability Management will query CyberArk with the FQDN as the address value. If you enter an IP address or range such as 192.0.2.1-20, Tenable Vulnerability Management will try to query using the IP address or IP range of the target system(s) in the CyberArk Address value. If the target system uses an FQDN and can be resolved, then it will be contacted.
  2. If the target value fails, Tenable Vulnerability Management will then look to see if there is a domain value (for a Windows system). If a domain value is present, Tenable Vulnerability Management will query CyberArk using the domain value for the address value to attempt to use domain credentials.
  3. If the configured target value and the domain value both fail, Tenable Vulnerability Management will then pull the IP address of the system. If the IP address does not match one of the IP addresses supplied in the target list, Tenable Vulnerability Management will then query CyberArk using the IP address of the target itself. The IP address is checked against the target value in the configuration to prevent querying CyberArk twice with the same value.
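
The three steps above can be modelled offline to predict which CyberArk Address value a scan will match for a given host. This is an added example, not Tenable or CyberArk code. The function names, the range parsing, the choice of a ranged host's own IP as its target value, and the dictionary standing in for CyberArk's Address lookup are all assumptions.

```python
import ipaddress

def expand_target_ips(targets):
    """IP addresses named in a Targets string; FQDN entries are skipped.
    Assumption: ranges are written 192.0.2.1-20 or 192.0.2.1-192.0.2.20."""
    ips = set()
    for item in (t.strip() for t in targets.split(",")):
        base, _, end = item.partition("-")
        try:
            first = ipaddress.IPv4Address(base)
            if not end:
                last = first
            elif "." in end:
                last = ipaddress.IPv4Address(end)
            else:  # short form: only the last octet is given
                last = ipaddress.IPv4Address((int(first) & ~0xFF) | int(end))
        except ValueError:
            continue  # not an IPv4 address or range, e.g. an FQDN
        ips.update(str(ipaddress.IPv4Address(n)) for n in range(int(first), int(last) + 1))
    return ips

def query_order(target_value, host_ip, target_ips, domain=None):
    """Ordered (step, Address value) pairs tried for one host."""
    order = [("target", target_value)]        # step 1: value from the Targets field
    if domain:                                # step 2: domain value, if present
        order.append(("domain", domain))
    if host_ip not in target_ips:             # step 3: skipped if the IP was already
        order.append(("ip", host_ip))         #         supplied in the target list
    return order

def resolve_account(order, vault):
    """First (step, address, account) whose Address exists in the vault, else None."""
    for step, address in order:
        if address in vault:
            return step, address, vault[address]
    return None

# Constructed sample data: a Targets field and a stand-in for CyberArk Address -> account.
TARGETS = "192.0.2.1-20, db01.example.com"
VAULT = {"corp.example.com": "svc-scan-domain", "192.0.2.50": "db01-local-admin"}

if __name__ == "__main__":
    ips = expand_target_ips(TARGETS)
    for tv, ip in (("db01.example.com", "192.0.2.50"), ("192.0.2.5", "192.0.2.5")):
        order = query_order(tv, ip, ips, domain="corp.example.com")
        print(tv, [a for _, a in order], resolve_account(order, VAULT))
```

Running it against your own target list and an export of the Address values in your safe shows which hosts would fall through to domain credentials or find no match at all.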