Add Network Context to Identify Scan Coverage Gaps
RedSeal is a network modeling and risk scoring platform. At its core, the way RedSeal works is to fetch and normalize all configurations, access rules, and routes across all your physical network devices as well as public and private cloud environments. Then, it does the computationally intensive analysis to build a model of your network, including all access paths and routes.
RedSeal’s integration with Tenable scan engines (Nessus, Tenable.io, and Tenable SecurityCenter) allows it to prioritize identified vulnerabilities based on the network model and highlight any scan coverage gaps in your network.
From your familiar Tenable interface, RedSeal will import your scan file and overlay the results on your network model. It will prioritize vulnerabilities based on the degree of access between untrusted networks and your valuable assets, and then identify subnets with no scan data from Tenable. Next, RedSeal creates an asset in Tenable SecurityCenter that includes all the un-scanned IPs for remediation. Finally, in the asset description, RedSeal includes a detailed path analysis that shows a traceroute between the scan engine and each un-scanned asset. The detailed path analyses let you know if the scan engine is blocked and display the exact line in the controlling device’s configuration that is blocking access.
RedSeal’s integration with Tenable adds value to each phase of a vulnerability management process cycle: discover assets, perform assessment, triage findings, and remediation and mitigation.
- Discover Assets: Identify assets that have no scan data
- Perform Assessment: Identify network devices and rules preventing scanner access and visualize all reachable assets for optimal scanner placement
- Triage Findings: Prioritize vulnerabilities based on network context, the degree of access between untrusted networks and your valuable assets
- Remediation and Mitigation: Identify precise access paths and devices to update to eliminate unnecessary access
With this integration you can:
- Create un-scanned asset reports inside Tenable SecurityCenter
- Launch detailed path analyses from each scan engine to the un-scanned asset