Integrating D3 with Tenable connects vulnerability scans to your security operations command center. D3 ingests Tenable scan reports, analyzes them, and turns them into automation-powered response playbooks. The integration enables threat hunting across endpoints while standardizing and accelerating response to vulnerabilities.
D3’s integration with Tenable solves these issues by feeding vulnerability scans into automation-powered response workflows. When Tenable runs a scan across endpoints and detects a vulnerability, D3 reads and parses the scan report and generates an incident response playbook. D3 determines the endpoint on which the vulnerability was found and enriches the report with contextual information, including how the vulnerability fits into a MITRE ATT&CK kill chain. The user can notify the necessary teams from D3 or generate an IT ticket via D3 to schedule a patch or update. If the organization has existing scripts for patch management, D3 can trigger those directly.
As described in the previous use-case, D3 can generate a ticket for the IT team to resolve a vulnerability found on endpoints via a patch or update. When the IT team closes the ticket, a notification is generated in D3. D3 then schedules a rescan of the affected endpoints via Tenable to verify that the patch has been successfully applied. D3 then ingests the rescan report so that the security analyst can confirm that the vulnerability has been remediated, and so that the entire process is documented in the SOC.
Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.
