| WSS āļāđāļ | āļŦāļąāļ§āļāđāļ | Tenable Product | āļāļąāļāļāđāļāļąāļ |
|---|---|---|---|
| 6.2 | āļāļļāļāļĨāļąāļāļĐāļāļ°āļŊ āļāđāļāļĄāļđāļĨ | Tenable.io / Tenable.cs | Data Classification, Risk Assessment |
| 7.1 | VA / Risk Assessment | Nessus Pro / Tenable.io | Vulnerability Scanning, Risk Scoring (CVSS) |
| 7.1a | āļāļ°āđāļāļĩāļĒāļāļāļĢāļąāļāļĒāđāļŠāļīāļ | Tenable.asm | Attack Surface Discovery, Asset Inventory |
| 7.1b | āļāļĢāļ°āđāļĄāļīāļāļāļ§āļēāļĄāđāļŠāļĩāđāļĒāļ | Tenable.sc (SecurityCenter) | Risk-Based Vulnerability Management |
| 7.1d | Vulnerability Assessment | Nessus / Tenable.io | VA scanning, Plugin library >180K |
| 7.1e | Penetration Testing | Tenable.io (integration) | PT data import, correlation |
| 7.1f | Third Party | Tenable.asm (Third-party Discovery) | Vendor Risk Assessment |
| 8.4 | System Hardening | Nessus (CIS Benchmark Audit) | Configuration Auditing, CIS/DISA STIG |
| 8.6 | Secure Configuration | Nessus Config Assessment | OS/DB/Web Server Config Audit |
| 8.7 | TLS Certificate | Tenable.cs / Nessus | SSL/TLS Assessment, Cipher Audit |
| 9.1 | Continuous Monitoring | Tenable.io (Live Monitoring) | Continuous VA, Threat intel feed |
| 9.1a | āļāļĨāđāļāļāļĢāļ§āļāļāļąāļ | Tenable.io / Nessus Network Monitor | Passive Network Monitoring |
CIS (Center for Internet Security) Benchmarks āļāļ·āļāļĄāļēāļāļĢāļāļēāļāļāļēāļĢāļāļąāđāļāļāđāļēāļĢāļ°āļāļāļāļĒāđāļēāļāļāļĨāļāļāļ āļąāļĒāļāļĩāđāđāļāđāļĢāļąāļāļāļēāļĢāļĒāļāļĄāļĢāļąāļāļĢāļ°āļāļąāļāđāļĨāļ āļāļĢāļāļāļāļĨāļļāļĄ OS, Web Server, Database, Cloud āđāļĨāļ°āļāļļāļāļāļĢāļāđāđāļāļĢāļ·āļāļāđāļēāļĒ
| WSS āļāđāļ | āļŦāļąāļ§āļāđāļ | CIS Benchmark āļāļĩāđāđāļāļĩāđāļĒāļ§āļāđāļāļ |
|---|---|---|
| 8.4 | System Hardening | CIS Benchmarks āļŠāļģāļŦāļĢāļąāļ OS (Windows Server, Ubuntu, RHEL, CentOS) |
| 8.6 | Secure Configuration | CIS Benchmarks āļŠāļģāļŦāļĢāļąāļ Apache, Nginx, IIS, MySQL, PostgreSQL |
| 6.5 | Cloud Security | CIS Benchmarks āļŠāļģāļŦāļĢāļąāļ AWS, Azure, GCP, Docker, Kubernetes |
| 8.7 | TLS / Cipher | CIS Benchmark â TLS Configuration, Cipher Suite Audit |
Tenable āļāļĢāļāļāļāļĨāļļāļĄ WSS āļāđāļ 7.1 āļāļĒāđāļēāļāļāļĢāļāļāđāļ§āļ:
| Product | License Model | Deployment | API/REST |
|---|---|---|---|
| Nessus Pro | Per Scanner (Annual) | On-prem (Linux/Windows) | â REST API |
| Tenable.io | Per Asset (Annual) | SaaS Cloud + On-prem Scanner | â Full REST |
| Tenable.sc | Per IP (Annual) | On-prem (VM/Physical) | â REST API |
| Tenable.asm | Per Asset (Annual) | SaaS Cloud | â REST API |
| Tenable.cs | Per Workload (Annual) | SaaS Cloud | â REST API |