How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use it to scan all of our servers and network devices on a monthly basis. Then based on the outcome, we do the patching depending on high availability, and so on.
We use it for scanning across our network. We leverage the Nessus scanners to scan the environments we have. That includes the external view, scanning across our DMZ, PCI, and internal environments. We have our Windows and Linux clients and servers. We have IP enabled on almost everything, including the printers, cameras, and elevator banks. It does some analysis on anything that's plugged into the network, with varying degrees of efficiency based on what the device is. We do full IP-import scans periodically. When we do the actual scans themselves they're usually more narrowed and focused, because if you did every port and every IP every time it would take forever.
We have three or four use cases. The first is enterprise vulnerability management through continuous scanning. Twice a week, every week, we fully authenticate every host in the environment to perform authenticated scans. The caveat there is our mobile workstations, like our Macs or our Windows laptops. We've deployed agents on them and we do those scans daily. The second use case is baseline adherence. We have tailored, customized, secure baselines for about 40 technologies in the environment and we attest to them once a week: everything from common server versions, to a dozen or more database technologies, to middleware, etc. Thirdly, we use Tenable.io as our PCI ASV. That's our scanning platform to satisfy some of our PCI controls. Finally, we also use Tenable.io to perform truly continuous - in the sense that it never stops - unauthenticated scanning at the perimeter. We use Tenable to monitor many dozens of technologies. For the most part, any database technology you can think of: multiple versions of Windows Server, Windows 10 on the workstation, High Sierra and Mojave for macOS, a bunch of different networking technologies. The list goes on.
What do you like most about Tenable SecurityCenter Continuous View?
Thanks for sharing your thoughts with the community!