← Vendor Index 🏠 āļŦāļ™āđ‰āļēāđāļĢāļ WSS Info

🔎 Tenable

āļœāļĨāļīāļ•āļ āļąāļ“āļ‘āđŒāļŠāļģāļŦāļĢāļąāļš Vulnerability Assessment, Attack Surface Management āđāļĨāļ° Cloud Security — āļĢāļ­āļ‡āļĢāļąāļš WSS āļ‚āđ‰āļ­ 7 (āļāļēāļĢāļĢāļ°āļšāļļāļ„āļ§āļēāļĄāđ€āļŠāļĩāđˆāļĒāļ‡) āđāļĨāļ°āļ‚āđ‰āļ­ 8 (āļāļēāļĢāļ›āđ‰āļ­āļ‡āļāļąāļ™)

📊 Tenable Products → WSS Mapping

WSS āļ‚āđ‰āļ­āļŦāļąāļ§āļ‚āđ‰āļ­Tenable ProductāļŸāļąāļ‡āļāđŒāļŠāļąāļ™
6.2āļ„āļļāļ“āļĨāļąāļāļĐāļ“āļ°āļŊ āļ‚āđ‰āļ­āļĄāļđāļĨTenable.io / Tenable.csData Classification, Risk Assessment
7.1VA / Risk AssessmentNessus Pro / Tenable.ioVulnerability Scanning, Risk Scoring (CVSS)
7.1aāļ—āļ°āđ€āļšāļĩāļĒāļ™āļ—āļĢāļąāļžāļĒāđŒāļŠāļīāļ™Tenable.asmAttack Surface Discovery, Asset Inventory
7.1bāļ›āļĢāļ°āđ€āļĄāļīāļ™āļ„āļ§āļēāļĄāđ€āļŠāļĩāđˆāļĒāļ‡Tenable.sc (SecurityCenter)Risk-Based Vulnerability Management
7.1dVulnerability AssessmentNessus / Tenable.ioVA scanning, Plugin library >180K
7.1ePenetration TestingTenable.io (integration)PT data import, correlation
7.1fThird PartyTenable.asm (Third-party Discovery)Vendor Risk Assessment
8.4System HardeningNessus (CIS Benchmark Audit)Configuration Auditing, CIS/DISA STIG
8.6Secure ConfigurationNessus Config AssessmentOS/DB/Web Server Config Audit
8.7TLS CertificateTenable.cs / NessusSSL/TLS Assessment, Cipher Audit
9.1Continuous MonitoringTenable.io (Live Monitoring)Continuous VA, Threat intel feed
9.1aāļāļĨāđ„āļāļ•āļĢāļ§āļˆāļˆāļąāļšTenable.io / Nessus Network MonitorPassive Network Monitoring

🔎 āļĢāļēāļĒāļĨāļ°āđ€āļ­āļĩāļĒāļ”āļœāļĨāļīāļ•āļ āļąāļ“āļ‘āđŒāđ€āļŠāļīāļ‡āļĨāļķāļ

Nessus Professional / Nessus Pro

Vulnerability scanner āļ­āļąāļ™āļ”āļąāļš 1 āļ‚āļ­āļ‡āđ‚āļĨāļ
  • āļ āļēāļĐāļē: C/C++, Python Plugins
  • āļāļēāļ™āļ‚āđ‰āļ­āļĄāļđāļĨ: Plugin library >180,000
  • āļ„āļĢāļ­āļšāļ„āļĨāļļāļĄ: OS, DB, Web, Network, Cloud
  • CIS Benchmark: CIS, DISA STIG, PCI-DSS
  • āļĢāļđāļ›āđāļšāļš: Agent āļŦāļĢāļ·āļ­ Scanner-based
  • āļĢāļēāļĒāļ‡āļēāļ™: HTML, PDF, CSV, XML
  • WSS 7.1 8.6

Tenable.io (Cloud)

Vulnerability Management āļšāļ™āļ„āļĨāļēāļ§āļ”āđŒ
  • Architecture: Cloud-native, Multi-tenant
  • Scanner: On-prem, Cloud (AWS/Azure/GCP)
  • Predictive Prioritization: VPR Score 0-10
  • Integration: Splunk, ServiceNow, Jira
  • Compliance: PCI, HIPAA, NIST, ISO
  • API: RESTful API āđ€āļ•āđ‡āļĄāļĢāļđāļ›āđāļšāļš
  • WSS 7.1 9.1

Tenable.asm (Attack Surface Management)

āļˆāļąāļ”āļāļēāļĢāļžāļ·āđ‰āļ™āļœāļīāļ§āļāļēāļĢāđ‚āļˆāļĄāļ•āļĩāđāļšāļšāļ­āļąāļ•āđ‚āļ™āļĄāļąāļ•āļī
  • Discovery: Internet-facing assets āļ­āļąāļ•āđ‚āļ™āļĄāļąāļ•āļī
  • Shadow IT: āļ•āļĢāļ§āļˆāļˆāļąāļš Shadow IT / Rogue Assets
  • Third-Party: āļ›āļĢāļ°āđ€āļĄāļīāļ™āļœāļđāđ‰āđƒāļŦāđ‰āļšāļĢāļīāļāļēāļĢāļ āļēāļĒāļ™āļ­āļ
  • Domain: āļ•āļĢāļ§āļˆāļŠāļ­āļš Subdomain, Certificate
  • Continuous: āļ•āļĢāļ§āļˆāļˆāļąāļšāļāļēāļĢāđ€āļ›āļĨāļĩāđˆāļĒāļ™āđāļ›āļĨāļ‡āļĢāļēāļĒāļ§āļąāļ™
  • WSS 7.1a 6.2

Tenable.sc (SecurityCenter)

On-premises Vulnerability Management
  • Deployment: On-premise (VM/Physical)
  • RBAC: Role-Based Access Control
  • Dashboard: Real-time Risk Dashboard
  • Compliance: āļ„āļĢāļ­āļšāļ„āļĨāļļāļĄ NIST CSF, ISO 27001
  • Logs: Audit Log, Syslog Integration
  • WSS 7.1b 9.1

Tenable.cs (Cloud Security)

Cloud Security Posture Management + Container
  • CSPM: AWS, Azure, GCP Configuration Audit
  • Container: Kubernetes, Docker Image Scan
  • IaC: Terraform/Template Scanning
  • Compliance: CIS Benchmarks, PCI, NIST
  • WSS 6.5 8.7

Nessus Network Monitor (NNM)

Passive Network Monitoring
  • Mode: Passive (no traffic generated)
  • Protocol: HTTP, HTTPS, SMTP, SMB, DNS
  • Detection: Malware, C2, Policy Violation
  • Integration: āļŠāđˆāļ‡ Log āđ„āļ› Splunk/SIEM
  • WSS 9.1a

📋 CIS Benchmark — āļāļēāļĢāļ•āļĢāļ§āļˆāļŠāļ­āļšāļ•āļēāļĄāļĄāļēāļ•āļĢāļāļēāļ™ CIS

CIS (Center for Internet Security) Benchmarks āļ„āļ·āļ­āļĄāļēāļ•āļĢāļāļēāļ™āļāļēāļĢāļ•āļąāđ‰āļ‡āļ„āđˆāļēāļĢāļ°āļšāļšāļ­āļĒāđˆāļēāļ‡āļ›āļĨāļ­āļ”āļ āļąāļĒāļ—āļĩāđˆāđ„āļ”āđ‰āļĢāļąāļšāļāļēāļĢāļĒāļ­āļĄāļĢāļąāļšāļĢāļ°āļ”āļąāļšāđ‚āļĨāļ āļ„āļĢāļ­āļšāļ„āļĨāļļāļĄ OS, Web Server, Database, Cloud āđāļĨāļ°āļ­āļļāļ›āļāļĢāļ“āđŒāđ€āļ„āļĢāļ·āļ­āļ‚āđˆāļēāļĒ

🔗 āļ„āļ§āļēāļĄāļŠāļąāļĄāļžāļąāļ™āļ˜āđŒāļāļąāļš WSS

WSS āļ‚āđ‰āļ­āļŦāļąāļ§āļ‚āđ‰āļ­CIS Benchmark āļ—āļĩāđˆāđ€āļāļĩāđˆāļĒāļ§āļ‚āđ‰āļ­āļ‡
8.4System HardeningCIS Benchmarks āļŠāļģāļŦāļĢāļąāļš OS (Windows Server, Ubuntu, RHEL, CentOS)
8.6Secure ConfigurationCIS Benchmarks āļŠāļģāļŦāļĢāļąāļš Apache, Nginx, IIS, MySQL, PostgreSQL
6.5Cloud SecurityCIS Benchmarks āļŠāļģāļŦāļĢāļąāļš AWS, Azure, GCP, Docker, Kubernetes
8.7TLS / CipherCIS Benchmark — TLS Configuration, Cipher Suite Audit

ðŸŽŊ Tenable + CIS Benchmark

Nessus CIS Audit

  • Audit Templates āļŠāļģāļŦāļĢāļąāļš CIS Benchmark āļ—āļļāļāđ€āļ§āļ­āļĢāđŒāļŠāļąāļ™
  • āļ„āļĢāļ­āļšāļ„āļĨāļļāļĄ >200 CIS Benchmarks
  • āļĢāļēāļĒāļ‡āļēāļ™āđāļšāļš Pass/Fail āļžāļĢāđ‰āļ­āļĄ remediation
  • DISA STIG, PCI-DSS Compliance
  • Custom Audit Policy

Tenable.cs (Cloud)

  • CIS Benchmark āļŠāļģāļŦāļĢāļąāļš AWS, Azure, GCP
  • Container CIS (Docker, Kubernetes)
  • IaC Template Scanning (Terraform)
  • Continuous Compliance Monitoring
  • Auto-remediation Integration

ðŸŽŊ āļāļēāļĢāļ•āļ­āļšāļŠāļ™āļ­āļ‡āļ•āđˆāļ­ WSS āļ‚āđ‰āļ­ 7.1 (VA/PT)

Tenable āļ„āļĢāļ­āļšāļ„āļĨāļļāļĄ WSS āļ‚āđ‰āļ­ 7.1 āļ­āļĒāđˆāļēāļ‡āļ„āļĢāļšāļ–āđ‰āļ§āļ™:

📋 Tenable Licensing & Architecture

ProductLicense ModelDeploymentAPI/REST
Nessus ProPer Scanner (Annual)On-prem (Linux/Windows)✅ REST API
Tenable.ioPer Asset (Annual)SaaS Cloud + On-prem Scanner✅ Full REST
Tenable.scPer IP (Annual)On-prem (VM/Physical)✅ REST API
Tenable.asmPer Asset (Annual)SaaS Cloud✅ REST API
Tenable.csPer Workload (Annual)SaaS Cloud✅ REST API