Tenable SecurityCenter & Thycotic Secret Server: Enterprise Class Scan Credential Management
Have you experienced either of these scenarios in your environment?
- Endlessly updating scan credentials in your vulnerability scanner, as privilege account credentials are rotated to meet your information security objectives
- Password policy is hampered or “dumbed down” by the issues that arise when credentials need to be updated in too many places for it to be practicable to do so
To keep this brief, in essence, you create a Nessus scan as normal, and when referencing the desired scan account(s), you now have the option to instruct Nessus to lookup the relevant account directly and automatically from Secret Server.
Thycotic Secret Server
Audit - Secret Server keeps full audit logs, so you’ll know exactly which queries have been actioned by SecurityCenter/Nessus, and which have been user initiated.
Automation - Thycotic Secret Server is a lot more than a secure password vault. It has many advanced features to improve your security stance from a password perspective:
- Heartbeat checks can alert if credentials are out-of-sync which could indicate a failure of process or a policy breach
- Automatic password rotation by scheduled task or workflow trigger allows strict policy compliance and security stance hardening
- Network discovery can automate the process of locating and ingesting devices and accounts into the password database
- Access request workflows
- Session recording, keystroke logging and command white-listing enables full accountability and control of juniors and 3rd parties in sensitive environments
Secure - to provide you with the highest levels of confidentiality, integrity and availability, Thycotic Secret Server is built with on the best industry standard encryption and multiple high-availability options.
Historically and still the best-in-breed vulnerability tool available, SecurityCenter ties together the data from Nessus active scan data, and PVS (now Nessus Network Monitor) passive data giving enterprise wide visibility into vulnerabilities that could be exploited and provide the low-down on mitigating them.
With SecurityCenter Continuous View you can include log data collected by LCE (Log Correlation Engine) to expose the complete picture on your enterprises vulnerabilities.