Smart SOAR’s integration with Tenable feeds vulnerability scans into automation-powered response workflows. When Tenable runs a scan across endpoints and detects a vulnerability, Smart SOAR reads and parses the scan report and triggers an incident response playbook. Smart SOAR determines the endpoint on which the vulnerability was found and enriches the report with contextual information. The user can notify the necessary teams from Smart SOAR or generate an IT ticket to schedule a patch or update. If the organization has existing scripts for patch management, Smart SOAR can trigger those directly.
As described in the previous use-case, Smart SOAR can generate a ticket for the IT team to resolve a vulnerability found on endpoints via a patch or update. When the IT team closes the ticket, a notification is generated. Smart SOAR then schedules a rescan of the affected endpoints via Tenable to verify that the patch has been successfully applied. Smart SOAR then ingests the rescan report so that the security analyst can confirm that the vulnerability has been remediated, and so that the entire process is documented in the SOC.
Our Connected SOAR Security Alliance brings hundreds of vendors together, allowing customers to benefit from our deep industry relationships and fully vendor-agnostic, independent SOAR platform.