I recently needed to pull all of the asset groups associated with a list of IPs from Tenable.SC. It’s easy enough to filter assets in Tenable.SC by Asset Group and get all of the assets in a group. And the full list of Asset Groups can be viewed in the Web UI by looking at the information for a single asset. But there was no report or query within the Web UI that would list all Asset Groups for list of IPs/assets.
Enter the Tenable.SC API. Within the API, there is a method called “assetintersections” that will list all Asset Groups associated with a given IP.
With a little scripting in your favorite language, a list of IPs and their associated Asset Groups can be created.
Nexpose, like other vulnerability management platforms, has the ability to create exceptions for the vulnerabilities it finds. You might need to issue exceptions because the vulnerability is a false positive, a compensating control is in place, or the risk is acceptable to the business.
Unfortunately, you sometimes have to create exceptions for hundreds, if not thousands, of vulnerabilities within Nexpose. It’s far too time consuming to create those manually.
The good news is that Nexpose has a well documented API. I’ve used this API to create a Powershell module that can help automate the submission of vulnerability exceptions.