According to the latest Ransomware Spotlight Year End report, 56% of the 223 older vulnerabilities identified before 2021 are still actively abused and used as gateways for ransomware attacks. This begs the question of why companies are not patching vulnerabilities regularly. Most large organizations struggle with closing the communication gap between their ITOps team and SecOps team, which mainly causes delays and disruption in critical, interrelated activities such as vulnerability detection and patch management.
With the explosion of endpoints and employees using mobile devices and BYOD devices to do their jobs, it is imperative that enterprise IT and security teams have a centralized view of what is happening in their networks. Despite this, we find that most organizations are still struggling with legacy and traditional practices. The time organizations hesitate to adopt a modern security approach is wasted solving real problems amid the noise.
Vulnerability detection and patch management from the same console
With the ManageEngine – Tenable.io integration, we want to reduce the unnecessary back and forth between the ITOps and SecOps teams when detecting a problem and fixing it.
Tenable.io, one of the best vulnerability assessment and detection tools on the market, can now be integrated with ManageEngine patch management solutions, one of the most customizable and lightweight patch solutions on the market. This integration joins forces to address a disability that most large enterprises face today, leveraging Tenable.io’s comprehensive vulnerability coverage with Patch Manager Plus’ automated and flexible patch management practices.
With the ManageEngine - Tenable.io integration, you can
- Take advantage of the comprehensive coverage of vulnerabilities that Tenable.io provides.
- Automatically correct detected vulnerabilities with released patches.
- Take advantage of the premium features, flexibility and customizability that ManageEngine offers when testing and deploying patches to endpoints.
- Prioritize patches by comparing vulnerabilities based on vulnerability priority rating (VPR).
- Centralize asset data for better visibility and operation.
- Reduce the time required to resolve vulnerabilities and avoid delays in fixing critical vulnerabilities.
- ITOps and SecOps teams help coordinate better with each other.
- See the most current status of fixing vulnerabilities by scanning regularly.
ManageEngine products that support integration
This integration is supported for the following ManageEngine products starting with build version 11.1.2236.02:
- Endpoint Central
- Endpoint Central Cloud
- Patch Manager Plus
- Patch Manager Plus Cloud
This integration displays patches for vulnerabilities in the following categories:
- Windows
- Windows: Microsoft bulletins
- Databases
- Other
Getting started with integration
Integrating Tenable.io with ManageEngine products is a simple two-step process:
- Generating the API keys in Tenable.io.
- Configuring API settings in ManageEngine products.
Generating API keys in Tenable.io
- To generate Tenable.io API keys, you must have Administrator access to Tenable.io.
- If you have administrator privileges, you can generate the required API keys by following Tenable.io’s user guide.
- Once you click Generate, Tenable.io generates an Access Key and Secret Key. Store these keys in a safe location.
Configure API settings in your ManageEngine products.
- Navigate to Administration > Integration > Threat Scanner Settings. Only users with administrator privileges can configure API settings.
- Enter the Access Key and the Secret Key.
- Enable or disable asset export from ManageEngine to Tenable.io.
- Configure the frequency at which you want data synchronization to occur.
- Click Save to enable the integration.
