Integration Status Plugin

Summary

Tenable is announcing the release of a new plugin named Integration Status. The purpose of this plugin is to provide users with helpful information regarding the success or failure when using one of Tenable’s currently supported PAM, MDM, and/or Patch Management Integrations. This gives users a simple way to check on the status of the integration success without having to enable plugin debugging on a per-host basis. Additionally, it improves scan review and performance. In the event that integration status failed, the user can enable plugin debugging, re-scan, and review logs associated with a particular integration for more detail.

Tenable will release this plugin feature in two separate releases. This is based on user demand. Integrations in the initial release include the following.

PAMs

• Arcon
• BeyondTrust Password Safe
• CyberArk (this includes Legacy, non-Legacy, and Dynamic Scanning).
• Delinea Secret Server
• HashiCorp Vault
• QiAnXin
• SenhaSegura
• WALLIX Bastion

MDMs

• AirWatch
• Blackberry UEM
• IBM MaaS360
• Microsoft InTune
• Workspace ONE

Patch Management

• VMware ESX SOAP API
• VMware vCenter API

Integrations that will be released after the initial release include the following.

• Nutanix
• RedHat Satellite Server
• HCL BigFix
• Microsoft SCCM
• Microsoft WSUS

Scope

This plugin reports the success or failure of an integration, based on the intent of the integration. This varies between PAMs, MDM, and Patch Management integrations. Here is a synopsis of each integration type.

Tenable’s PAM integrations retrieve account credentials for one or more targets specified in a scan policy and credential. Tenable determines the success or failure of retrieving the credential from a specific PAM within the scope of the Integration Status plugin. 

NOTE: This plugin does not include authentication success or failure to the target within scope. There are other plugins in existence for this purpose.

Tenable’s MDM integrations retrieve mobile devices and data associated with those devices. Tenable determines success or failure of an MDM integration based on whether devices were retrieved or not.

Tenable Patch Management integrations retrieve patch data from a specific host. In Tenable’s initial release, we’ve included our VMware integrations (ESXi and vCenter). Here are some details regarding the scope of our VMware Integrations as it relates to the new plugin.

Users that configure one or more VMware vCenter API credentials can expect to see integration success or failure on a per host basis.

1. If the target is a vCenter host, Tenable determines whether or not authentication to the API was successful. By adding a vCenter host to the target list, users can get a better perspective on the status of the integration's success or failure.
2. If the target is an ESX host, Tenable determines success or failure based on our ability to retrieve VIBs for this host based on data we retrieve from the vCenter host that manages it. In addition, we report the associated vCenter host that manages it.

Users that configure one or more VMware ESX SOAP API credentials can expect to see success or failure based on Tenable’s ability to gather VIBs directly from the specific ESXi host in the target settings.

Impact

There is no impact to existing scans. If users encounter issues, please open a ticket with Technical Support.

Initial Release Date

July 31, 2024 - Tenable Vulnerability Management, Tenable Nessus, and Tenable Security Center

Remaining Integrations Release Date

2024 Q3 - Tenable Vulnerability Management, Tenable Nessus, and Tenable Security Center