The Tufin Vulnerability Mitigation app (VMA) enables Tufin customers to prioritize remediation and mitigation efforts by enhancing vulnerability scanner output with network insights. By combining vulnerability measures (CVSS and severity) with insights into how these vulnerabilities may be accessed and exploited via the network, customers have the context to identify and address the vulnerabilities that pose the greatest threat to their critical business assets.

The Tufin Vulnerability Mitigation app provides out-of-the-box integration between Tufin SecureTrack and the most widely used vulnerability management solutions, including,, Qualys VMDR, Rapid7 Nexpose, and Rapid7 InsightVM.

With Tufin’s Vulnerability Mitigation app, you can:

  • Prioritize vulnerability remediation efforts based on exposure of critical assets as well as severity of vulnerabilities
  • Easily assess overall risk to critical assets resulting from vulnerabilities that are both accessible and exploitable
  • Automate risk mitigation by blocking access to the critical asset until remediation efforts can be fully implemented
  • Monitor and measure risk exposure over time via a comprehensive dashboard that highlights overall vulnerability exposure networkwide and the impact of mitigation and remediation efforts

Instructions for generating an evaluation license are available in the app's documentation linked in the sidebar.

Important notice: if you are upgrading to TOS Aurora 21-3, you must download and reinstall this app.

Version v2.1.2
Compatibility R19-1 or above
  • Improve performance of the asset page
Version v2.1.1
Compatibility R19-1 or above
  • Fixed device count
Version v2.1.0
Compatibility R20-2 or above
  • Supports TOS Aurora R21-3
Version v2.0.2
Compatibility R19-1 or above
  • Fix notifications performance
Version v2.0.1
Compatibility R19-1 or above
  • Support for configuration changes in the Aurora cluster
Version v2.0.0
Compatibility R20-2 or above
  • New vulnerabilities page
  • Exclude rules with text in the rule comment
  • API to pull vulnerabilities
  • Change rule by Rule Modification workflow in SecureChange
  • Update style
  • Bug fix
Version v1.1.1
Compatibility R19-1 or above
  • Supports various types of email address formats
Version v1.1.0
Compatibility R19-1 or above
  • Supports TOS Aurora and Classic
Version v1.0.19
Compatibility R19-1 or above
  • Fix Nessus duplicate vulnerabilities with multiple scans
  • Fix Nessus schedule option
  • Remove duplicate devices from asset devices
  • Exclude negated rules
Version v1.0.14
Compatibility R19-1 or above
  • Fix Rapid7 download vulnerability report
Version v1.0.13
Compatibility R19-1 or above
  • The VMA was tested with Nessus Professional
Version v1.0.12
Compatibility R19-1 or above
  • Support Nessus Essentials as a new vulnerability scanner
  • Identify whether access from an internet/untrusted address is exploitable
  • Added reports
  • Block vulnerable assets by opening SecureChange Group Modification ticket
  • Assigning severity and vulnerability IDs to rules
  • Filter rules with ANY object in destination during sync time
  • Added additional rules metadata to the vulnerable rules
  • Various UI improvements
Version v0.2.6
Compatibility R19-1 or above
  • Register and unregister from the SecureTrack UI
  • Trial license is now generated from the Tufin portal
  • Add port configuration to Rapid7 and
  • Add verify certificate option to Rapid7 and For Qualys and certification always verified.
  • Add a proxy configuration to Qualys and
Version v0.1.41
Compatibility R19-1 to R20-1
  • Integrates with Tenable, Qualys and Rapid7
  • Get access view for manual assets
  • Vulnerable rules access view for assets
  • Vulnerable zones access view for assets
  • Mitigate vulnerable assets by opening a server decommission ticket
  • Dashboard and trends
  • Bug fixed