Compliance
Note: If a scan is based on a user-defined
However, a lack of vulnerabilities does not mean the servers are configured correctly or are “compliant” with a particular standard.
You can use
At a higher level, if this information is aggregated for an entire network or asset class, security and risk can be analyzed globally. This allows auditors and network managers to spot trends in non-compliant systems and adjust controls to fix these on a larger scale.
When configuring a scan or policy, you can include one or more compliance checks, also known as audits. Each compliance check requires specific credentials.
Some compliance checks are preconfigured by Tenable, but you can also create and upload custom audits.
For more information on compliance checks and creating custom audits, see the Compliance Checks Reference.
| Compliance Check | Required Credentials |
|---|---|
| Adtran AOS | SSH |
| Alcatel TiMOS | SSH |
| Amazon AWS | Amazon AWS |
| Arista EOS | SSH |
| Blue Coat ProxySG | SSH |
| Brocade FabricOS | SSH |
| Check Point GAiA | SSH |
| Cisco ACI | SSH |
| Cisco Firepower | SSH |
| Cisco IOS | SSH |
| Citrix XenServer | SSH |
| Database | Database |
| Dell Force10 FTOS | SSH |
| Extreme ExtremeXOS | SSH |
| F5 | F5 |
| FireEye | SSH |
| Fortigate FortiOS | SSH |
| Generic SSH | SSH |
| HP ProCurve | SSH |
| Huawei VRP | SSH |
| IBM iSeries | IBM iSeries |
| Juniper Junos | SSH |
| Microsoft Azure | Microsoft Azure |
| Mobile Device Manager | AirWatch, Apple Profile Manager, or Mobileiron |
| MongoDB | MongoDB |
| NetApp API | NetApp API |
| Office 365 | Office 365 |
| OpenStack | OpenStack |
| NetApp Data ONTAP | SSH |
| Palo Alto Networks PAN-OS | PAN-OS |
| Rackspace | Rackspace |
| RHEV | RHEV |
| Salesforce.com | Salesforce SOAP API |
| SonicWALL SonicOS | SSH |
| Unix | SSH |
| Unix File Contents | SSH |
| VMware vCenter/vSphere | VMware ESX SOAP API or VMware vCenter SOAP API |
| WatchGuard | SSH |
| Windows | Windows |
| Windows File Contents | Windows |
| ZTE ROSNG | SSH |