Skip to main content
Lantern Home

 

Splunk Lantern

Tenable

  1. Last updated
  2. Save as PDF

Tenable helps organizations understand and reduce cybersecurity risk across their attack surface—in the cloud or on-premises, from IT to OT and beyond. They aim to arm organizations with the visibility and insight needed to answer four critical questions at all times:

  • Where are we exposed?
  • Where should we prioritize based on risk?
  • Are we reducing our exposure over time?
  • How do we compare to our peers?

Before looking at documentation for specific data sources, review the Splunk Help information on general data ingestion for Splunk Enterprise, Splunk Cloud Platform or Splunk Observability Cloud.

Getting data in

Source Add-ons and Apps Guidance

Tenable

Tenable products offer continuous visibility into assets, vulnerabilities, and misconfigurations, enabling proactive risk reduction and compliance.

Splunk platform

Configuration

Splunk Lantern Articles

Tenable Security Center

Tenable.sc is a vulnerability management solution that provides visibility into the security posture of your distributed and complex IT infrastructure. It consolidates and evaluates vulnerability data from across your entire IT infrastructure, illustrates vulnerability trends over time, and assesses risk with actionable context for effective remediation prioritization. In the Common Information Model, Tenable.sc data can be mapped to Vulnerabilities data model. 

Splunk SOAR

Splunk Lantern Articles

Tenable.io

Tenable.io is a cloud-based vulnerability management platform that provides comprehensive visibility into an organization's attack surface, including IT, OT, and cloud environments. It continuously assesses assets for vulnerabilities, misconfigurations, and compliance deviations, offering actionable insights to prioritize and remediate risks effectively.

Splunk SOAR

 

Nessus

Nessus is a widely used vulnerability scanner developed by Tenable, designed to identify security vulnerabilities, configuration issues, and malware on a wide range of systems and devices. It provides comprehensive scanning capabilities, offering detailed reports to help organizations understand and address their security posture.

Splunk SOAR

 

Log Correlation Engine

Tenable Log Correlation Engine (LCE) is a log management and security information and event management (SIEM) solution that collects, analyzes, and correlates log data from various sources to detect security threats and ensure compliance.

   Splunk Enterprise Security has all the same functionality as Tenable Log Correlation Engine to aggregate, normalize, correlate, and analyze event log data from all the devices within your infrastructure. Read this article to learn how to make the switch.

Tenable Web App Scanning (WAS)

Tenable Web App Scanning provides easy-to-use, comprehensive and automated vulnerability scanning for modern web applications. In the Common Information Model, Tenable WAS data can be mapped to Vulnerabilities data model. 

  

Splunk Lantern Articles

Identifying web application vulnerabilities with Tenable WAS