Skip to main content
 
 
Splunk Lantern

Tenable

 

Tenable helps organizations understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond. They aim to arm organizations with the visibility and insight needed to answer four critical questions at all times:

  • Where are we exposed?
  • Where should we prioritize based on risk?
  • Are we reducing our exposure over time?
  • How do we compare to our peers?

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Getting data in

Source Add-ons and Apps Guidance
Tenable

Splunk platform

Configuration

Use Cases

Tenable Security Center

Splunk SOAR

Tenable.sc is a vulnerability management solution that provides visibility into the security posture of your distributed and complex IT infrastructure. It consolidates and evaluates vulnerability data from across your entire IT infrastructure, illustrates vulnerability trends over time, and assesses risk with actionable context for effective remediation prioritization. In the Common Information Model, Tenable.sc data can be mapped to Vulnerabilities data model. 

Use Cases

Tenable.io

Splunk SOAR

 

Nessus

Splunk SOAR

 

Log Correlation Engine   Splunk Enterprise Security has all the same functionality as Tenable Log Correlation Engine to aggregate, normalize, correlate, and analyze event log data from all the devices within your infrastructure. Read this article to learn how to make the switch.