This repository has been archived by the owner on Mar 11, 2024. It is now read-only.

tenable/integration-cscc


NOTE: This project has been archived and is slated to be removed in the second half of 2024.

Tenable.io -> Google Cloud Security Command Center

This tool is designed to consume Tenable.io vulnerability data, transform that data into the Google Security Command Center format, and then upload the resulting data into Google Security Command Center.

The tool can be run either as a one-shot ingest or as a continuous service.

Requirements for use

  • API Keys for a service account in Tenable.io that can use the Exports API (Generally an Admin User)
  • Service Account within Google Cloud that has the required permissions to edit findings and state (Security Center Findings Editor, and Security Center Findings State Setter roles).
  • A host to run the script on that can run a Python 3.x environment. As this bridge talks cloud-to-cloud, where it is located does not matter.

Installing

pip install tenable-cscc

Setup

  1. Add the Tenable.io CSCC Service from the Marketplace
  2. Copy the source id that was generated (we will use this later)
  3. Create a service key for the account that was created
  4. Create a new VM Instance to store the integration (Debian 9)
  5. Download the installation script: curl -o installer.sh https://raw.githubusercontent.com/tenable/integration-cscc/master/install-tenable-cscc.sh
  6. Run the installer: chmod 755 installer.sh && sudo ./installer.sh
  7. Copy the service key onto the host (such as /etc/google-account.json).
  8. Update the variables within the /etc/tenable-cscc.conf file.
  9. Start the service: sudo systemctl start tenable-cscc
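
A pre-flight check for the service key copied in step 7, as an added example that is not part of this project's code. It assumes the key is a standard Google Cloud service-account JSON key; the function name check_key_file and the sample key are constructed for illustration.

```python
import json
import os
import stat
import tempfile

# Fields a Google Cloud service-account key file carries (checked for presence only).
REQUIRED_FIELDS = ("type", "client_email", "private_key")


def check_key_file(path):
    """Return a list of problems with the key file; an empty list means it passed."""
    try:
        st = os.stat(path)
    except OSError as exc:
        return [f"cannot stat {path}: {exc.strerror}"]
    if not stat.S_ISREG(st.st_mode):
        return [f"{path} is not a regular file"]
    problems = []
    # The key is a long-lived credential: no group or other permission bits.
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = stat.S_IMODE(st.st_mode)
        problems.append(f"mode {mode:04o} allows group/other access, expected 0600")
    try:
        with open(path, encoding="utf-8") as fh:
            key = json.load(fh)
    except (OSError, ValueError) as exc:
        return problems + [f"cannot parse as JSON: {exc}"]
    if not isinstance(key, dict):
        return problems + ["top-level JSON value is not an object"]
    problems += [f"missing field: {f}" for f in REQUIRED_FIELDS if not key.get(f)]
    if key.get("type") and key["type"] != "service_account":
        problems.append(f"type is {key['type']!r}, expected 'service_account'")
    return problems


if __name__ == "__main__":
    # Constructed sample key (no real credential), written with a loose mode.
    sample = {"type": "service_account",
              "client_email": "bridge@example-project.iam.gserviceaccount.com",
              "private_key": "CONSTRUCTED-PLACEHOLDER"}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "google-account.json")
        with open(path, "w", encoding="utf-8") as fh:
            json.dump(sample, fh)
        os.chmod(path, 0o644)
        print("0644:", check_key_file(path))
        os.chmod(path, 0o600)
        print("0600:", check_key_file(path))
```

On the integration host, call check_key_file("/etc/google-account.json") (or whichever path was used in step 7) before starting the service.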

Options

The following details both the command-line arguments and the equivalent environment variables.

Usage: tenable-cscc [OPTIONS]

  Tenable.io -> Google Cloud Security Command Center Bridge

Options:
  --tio-access-key TEXT           Tenable.io Access Key
  --tio-secret-key TEXT           Tenable.io Secret Key
  -b, --batch-size INTEGER        Export/Import Batch Sizing
  -v, --verbose                   Logging Verbosity
  -s, --observed-since INTEGER    The unix timestamp of the age threshold
  -r, --run-every INTEGER         How many hours between recurring imports
  -t, --threads INTEGER           How many concurrent threads to run for the
                                  import.
  -s, --service-account-file PATH
  -i, --source-id TEXT            The GCP CSCC Source ID
  --help                          Show this message and exit.

Usage

Run the import once:

tenable-cscc                                    \
    --tio-access-key {TIO_ACCESS_KEY}           \
    --tio-secret-key {TIO_SECRET_KEY}           \
    --service-account-file {SA_JSON_FILENAME}   \
    --source-id {SOURCE_ID}

Run the import once an hour:

tenable-cscc                                    \
    --tio-access-key {TIO_ACCESS_KEY}           \
    --tio-secret-key {TIO_SECRET_KEY}           \
    --service-account-file {SA_JSON_FILENAME}   \
    --source-id {SOURCE_ID}                     \
    --run-every 1

Changelog

Visit the CHANGELOG
