Security Center Extension Pack – extending the capabilities of SC+

The Security Center Extension Pack is a set of components developed by the OpenBIZ Competency Center that extend the integration capabilities of the Security Center/Security Center Continuous View system developed by Tenable Inc. OpenBIZ Sp. z o.o. is a Tenable Platinum Partner and a participant in the program.

  • Works in two modes:
    • one host is one issue
    • each vulnerability is a separate issue
  • Handles an unlimited number of JIRA projects
  • Automatic creation of issues in JIRA based on information from Security Center
  • Automatic issue management based on information from Security Center: status changes, closing, reopening, content updates
  • CSV files containing vulnerability lists can be attached to issues in order to integrate with external patch management systems
  • Fully configurable issue naming scheme, which makes issue lists easier to browse
  • Flexible configuration of the data downloaded from Security Center: filtering by IP address, severity level, repository or asset
  • Automatic assignment of issues to a defined assignee and setting of the list of watchers
  • Local data caching accelerates the analysis of data from Security Center and its comparison with JIRA issues
  • Vuln2jira runs on Linux (recommended) and MS Windows
  • Vuln2jira implements the Deming Cycle paradigm. The following four steps are executed at every application run:

    1. Import of vulnerabilities – connect to the Security Center server and download information about vulnerabilities according to the defined filtering: IP address, severity level, repository and assets
    2. Analysis and comparison – the vulnerability information downloaded from the Security Center server is analyzed and compared with JIRA issues. Caching significantly accelerates this operation
    3. New issue creation – new JIRA issues are created for newly found vulnerabilities
    4. Issue status update – existing issues are automatically verified, and their status and content are updated.

In the mode where one host is one issue, a JIRA issue is created for each host with existing vulnerabilities (according to the filters set in the configuration). It contains:

  1. In the “Description” field: identification of the host (DNS name and operating system), total Score, and number of vulnerabilities by threat level (Critical, High, …)
  2. In the “Attachments” field: attached CSV files containing the vulnerability list with Description and Solution fields
  3. Comments about changes made to the issue description: open, reopen, change of the vulnerability list since the last run
  4. “Assignee” and “Watchers” fields filled in according to the vuln2jira configuration

If a vulnerability is found for an existing issue with status “Closed”, the status is automatically changed to “Reopened”. Likewise, if vulnerabilities exist for a “Resolved” issue, the status is changed to “Reopened”. Another CSV attachment is created automatically, the “Description” field is updated, and a new comment about the changes in the vulnerability list appears. For issues with no existing vulnerabilities, the status is automatically changed to “Closed”.


In the mode where each vulnerability is a separate issue, an issue is automatically created for every vulnerability found according to the filter set in vuln2jira. Closing and reopening of issues is managed by the program. This mode is recommended only for well-patched systems (with a relatively small number of vulnerabilities). Otherwise, a huge number of issues may saturate JIRA and affect its performance.

If a vulnerability is found for an existing issue with status “Closed”, the status is automatically changed to “Reopened”. Likewise, if vulnerabilities exist for a “Resolved” issue, the status is changed to “Reopened”. The “Description” field is updated automatically and a new comment about the changes in the vulnerability list appears.

For issues with no existing vulnerabilities, the status is automatically changed to “Closed”.
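
The status rules described above for both modes (create, reopen, update, close) can be written as one reconciliation pass. The following is an added illustration, not vuln2jira's own code: the `Issue` class, the `reconcile` and `demo` functions, the "Open" status for new issues and all sample data are assumptions made for the example.

```python
from dataclasses import dataclass, field

@dataclass
class Issue:                      # hypothetical model of a tracked issue
    key: str                      # host (host mode) or host+vulnerability (per-vuln mode)
    status: str                   # "Open", "Reopened", "Resolved" or "Closed"
    vulns: frozenset = frozenset()
    comments: list = field(default_factory=list)

def reconcile(findings, issues):
    """findings: {key: vuln ids} after filtering; issues: {key: Issue} (cache).
    Mutates issues and returns the ordered list of (action, key)."""
    actions = []
    for key, found in findings.items():
        found = frozenset(found)
        if not found:
            continue
        issue = issues.get(key)
        if issue is None:                                  # step 3: new issue
            issues[key] = Issue(key, "Open", found, ["opened"])
            actions.append(("create", key))
            continue
        if issue.status in ("Closed", "Resolved"):         # step 4: reopen
            issue.status = "Reopened"
            issue.comments.append("reopened")
            actions.append(("reopen", key))
        if found != issue.vulns:                           # step 4: content update
            issue.comments.append(
                f"added {sorted(found - issue.vulns)}, removed {sorted(issue.vulns - found)}")
            issue.vulns = found
            actions.append(("update", key))
    for key, issue in issues.items():                      # step 4: close clean ones
        if issue.status != "Closed" and not findings.get(key):
            issue.status, issue.vulns = "Closed", frozenset()
            issue.comments.append("closed: no vulnerabilities in this run")
            actions.append(("close", key))
    return actions

def demo():
    # Constructed sample data (documentation IP range, made-up vulnerability ids).
    issues = {
        "192.0.2.5": Issue("192.0.2.5", "Closed", frozenset({"V-1"})),
        "192.0.2.7": Issue("192.0.2.7", "Open", frozenset({"V-2"})),
        "192.0.2.8": Issue("192.0.2.8", "Resolved", frozenset({"V-3"})),
    }
    findings = {"192.0.2.5": {"V-1", "V-4"}, "192.0.2.7": {"V-2"}, "192.0.2.9": {"V-5"}}
    return reconcile(findings, issues), issues
```

In this sketch a key that is absent from `findings` counts as having no vulnerabilities, so a host dropped by a filter change or missed by a scan would have its issue closed; whoever operates such a sync should keep filters and scan coverage stable between runs.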

The “Accept Risk Add-on” plugin is available for purchase. It extends the functionality of vuln2jira by allowing an AcceptRisk request to be registered in Security Center from JIRA.