Connecting to Vulnerability Management Tools

When adding an integration between a SecureChange Access Request Workflow and a third-party vulnerability management tool, you are going to need to select the tool the app should sync or scan. Vulnerability-based Change Automation App (VCA) sends these tools requests and the Risk Analysis Integration scripts. To perform the sync, you need to provide the app with the connection details for the third-party vulnerability tools.

You can connect the app to multiple third-party vulnerability management tools. However, you can only select one for each integration added in the app.

VCA can sync with the following third-party vulnerability management tools:

  • Rapid7 Nexpose

  • Rapid7 InsightVM

  • QualysGuard
  • Qualys VMDR
  • Nessus Professional
  • Tenable.io
  • Tenable.sc

Connect to a Third-party Vulnerability Management Tool

  1. Go to the Scanners () menu.
  2. Click on a logo to select a third-party vulnerability management tool.
  3. Enter the access credentials.

    4. Vulnerability Management Tool

    Access Credentials
    • Tenable.sc
    • Rapid7 Nexpose
    • Rapid7 Insight VM
    • Nessus Professional
    • Address (FQDN or IP)
    • Port (Select HTTPS port)
    • Login User name
    • Login Password
    • Optional: Enable Certificate Verification
    • QualysGuard
    • Qualys VMDR
    • Address (FQDN or IP)
    • User name
    • Password
    • Optional: Enable proxy
    • Tenable.io
    • Address (FQDN or IP)
    • Access key
    • Secret key
    • Optional: Enable proxy