Vulnerability Management module

The Vulnerability Management module contains pre-built workflows that automates the process of downloading the vulnerability scan files from the Tenable Nessus vulnerability assessment tool and importing them in BMC Helix Automation Console (SaaS) TrueSight Automation Console (on-premises). 

So far, operators have to manually download the scan files from vulnerability assessment tools such as Nessus Tenable or Qualys and then import these files in Automation Console. After a successful import, assets and vulnerabilities data appears in Automation Console, which is crucial for managing and remediating vulnerabilities in your environment. By integrating with the Vulnerability Management module, vulnerability scan files are automatically downloaded and uploaded to Automation Console based on your settings. Currently, auto-import of vulnerability scan files can be done for Tenable Nessus vulnerability assessment tool only. 

For more information about how the auto-import of vulnerabilities enables Automation Console users to manage vulnerabilities efficiently, see  Use case: Automatically importing vulnerability scan files  in the Automation Console documentation. 

The Vulnerability Management module includes a core module, which contains the workflow process, and a configuration module that stores all the connection and configuration data. It also includes other artifacts such as adapters and modules that you must download and configure to enable this use case. 

This section contains the following topics: 

• Installing the Vulnerability Management module
• Configuring content for the Vulnerability Management module
• Workflows in the Vulnerability Management module