By: Owen Dubiel
April 28, 2021
Tenable Jira Cloud Integration
By: Owen Dubiel
April 28, 2021
Tenable provides security teams with a ton of vulnerability data on all assets, but how much of this is actionable in its current state. Utilizing Tenable's two-way integration with Jira cloud empowers its users to create an intuitive dashboard that provides insight into their existing security stance. Also, the integration allows you to handle remediation in a streamlined, automated approach. This article will discuss some of the best features to help motivate users to dive into configuring the Tenable to Jira integration.
The Tenable to Jira integration allows users to create custom dashboards for increased visibility around assignment and remediation of vulnerabilities. Analysts can use these dashboards to keep track of daily tasks and leadership to ensure the most recent patches are being applied promptly. The following are some examples of dashboard use cases that can utilize:
- Critical issues past SLA timeframe.
- Created Versus Resolved trend.
- Top open vulnerabilities over 90 days.
- Age of open vulnerabilities.
- Vulnerabilities by host.
- Issues assigned by an assignee.
- Activity Stream in Jira Project.
- Compliance viewpoint for auditing industry regulations.
The above dashboards are only the start of the visibility gained from this integration. Tracking the timeframe based on how long a vulnerability has been assigned to a user is a massive benefit for security teams. It helps provide ammo to move remediation along and push required SLAs. One of the most significant advantages to implementing the Jira Cloud integration is utilizing these dashboards to view data in a different light and act.
This integration provides the ability to assign quickly, address, and close vulnerabilities on a massive scale; otherwise, it wouldn't be done directly within the Tenable platform. The following are some examples of how the integration helps to alleviate the remediation of vulnerabilities:
- Ability to closeout vulnerabilities across Multiple hosts.
- Change tracking on critical vulnerabilities.
- Ability to make comments on a list of tickets at once within Jira.
- Two-way integration allows for updating the Tenable appliance on the vulnerability status.
- Automatic removal if not rediscovered within 90 days.
- Ticket cloning across multiple projects within Jira.
One very difficult challenge faced by users of Tenable is keeping track of what has been fixed. The Jira ticketing platform enables you to maximize your efforts to be inclusive of your environment's current stance without much manual effort. By utilizing the above features, teams are empowered and held accountable for keeping their assets patched across the enterprise. Also, consolidating everything into the Jira cloud allows for accurate tracking around what has been patched or even vulnerabilities that may have recurred.
Within Jira, there is the ability to create automation rules to ease the manual burden of ticket management. The following are some actions that can be achieved with the built-in automation:
- Assign to project.
- Populate fields.
- Clone ticket to a project.
- Link duplicate tickets together.
- Send email notifications.
- Edit fields.
- Close tasks based on specific criteria.
The automation rules built into Jira are endless in their ability to streamline workflows about your Tenable vulnerabilities. They are perfect for small or large companies because customization is easy and straightforward with the UI's ability to create custom automation rules.
Having Tenable scanning your enterprise is a significant first step. To effectively manage the remediation of vulnerabilities discovered, you need a solution like Jira to help create and assign tickets for the work that needs to be performed. The built-in automation will also greatly benefit security teams. It frees them up from making manual tickets, where they would generally be copying over supporting information from Tenable to Jira. To learn more about detecting vulnerabilities or configuring the Nessus scanner in general for Tenable, check out what courses Cybrary offers.