Tenable Vulnerability Management to AWS Security Hub
Project description
Tenable Vulnerability Management to AWS Transformer
| :exclamation: | If upgrading from v1 please read the upgrade section |
|---|
This tool is designed to consume Tenable.io asset and vulnerability data, transform that data into the AWS Security Hub Finding format, and then upload the resulting data into AWS Security Hub.
The tool can be run as either a one-shot docker container or as a command-line tool. To run as a docker image, you'll need to build the image and then pass the config file to the container.
Requirements
- The Tenable Vulnerability Management Integration for Security Hub must be configured to accept findings from the integration.
- At a minimum the configuration file must have the account id that the events will be sent to. Ideally the region should be configured as well.
- A set of API Keys within TVM should be configured to allow exportation of assets and vulnerability findings from the platform. These keys should be wither configured within the configuration file or as environment variables
Installation
pip install tenable_aws_sechub
Upgrading from v1
If you are upgrading from the original version of the integration, please note that there are some additional steps that need to be taken as the ARN that is used has changed.
- Disable the Tenable.io SecurityHub integration
- Enable the Tenable Vulnerability Management integration
- Configure and run the updated integration (this code)
Configuration
Simply build a configuration file (or use the example file provided) with the following details:
aws_account_id = 12344567890
aws_region = "us-east-1"
access_key = "1234567890abcdef1234567890"
secret_key = "1234567890abcdef1234567890"
Once the configuration file is saved, go ahead and ensure that the AWS CLI can communicate to AWS, or generate the appropriate configuration parameters that AWS needs for their boto3 client. Details for how to do this is documented below:
Running the integration
❯ tvm2aws --configfile /path/to/config.toml
Commandline options
❯ tvm2aws --help
Usage: tvm2aws [OPTIONS]
Tenable to AWS Security Hub vulnerability finding importer.
╭─ Options ───────────────────────────────────────────────────────────────────╮
│ --configfile PATH [default: tvm2aws.toml] │
│ --verbose -v INTEGER RANGE [x<=5] [default: 2] │
│ --help Show this message and exit. │
╰─────────────────────────────────────────────────────────────────────────────╯
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tenable_aws_sechub-2.1.0.tar.gz.
File metadata
- Download URL: tenable_aws_sechub-2.1.0.tar.gz
- Upload date:
- Size: 11.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.8.20
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c0fe9fcdf79036f47635fff990e7000c4dd0c88ff847355efa0687fe3779410b
|
|
| MD5 |
0195fb40d58a3c5019f9d6dccdcbd1ab
|
|
| BLAKE2b-256 |
ee3d7dcebcb797d39b6b4034bfad7b27d83946acc22850784b17bbd7f748daaf
|
File details
Details for the file tenable_aws_sechub-2.1.0-py3-none-any.whl.
File metadata
- Download URL: tenable_aws_sechub-2.1.0-py3-none-any.whl
- Upload date:
- Size: 8.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.8.20
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8f55ef906c9756b6cf035a0b79b7a120dd47dc160e373b4f92e058d5aaf9b31f
|
|
| MD5 |
418f859af7e49251ea2ed94a1edb2dcd
|
|
| BLAKE2b-256 |
8ae99d417c22008161491b7e5f18b101379b75899a2ea2a6eb916569ef71bc82
|
