Recently Viewed Topics
A wide variety of LCE analysis and reporting tools are available to SecurityCenter users. These users can make use of any LCE event that intersects with their range of managed IP addresses. All analysis and reporting options are described in the SecurityCenter User Guide.
LCE can leverage log data to find vulnerabilities. The Tenable plugins that report this information will have the plugin ID range of 800,000 - 899,999. A sample screen capture of data that can be found is shown below:
You can filter for the vulnerabilities identified by LCE in SecurityCenter by using the “Filters” and selecting “Plugin ID”, then selecting “≥” and then entering “800000”.The filter setting is pictured below:
After PRM processing normalizes an event, the event is submitted to the LCE TASL engine for advanced processing by TASL scripts. TASL scripts are used for many types of detection events such as thresholds, successful attack detection, and alerting. By default, all TASL scripts are included on the LCE server; however they can be disabled manually in the “TASL and Plugins” section of the LCE GUI described in detail earlier in this document. For more information regarding TASL scripts review the LCE TASL Reference Guide.