The Tufin Vulnerability Mitigation app (VMA) enables Tufin customers to prioritize remediation and mitigation efforts by enhancing vulnerability scanner output with network insights. By combining vulnerability measures (CVSS and severity) with insights into how these vulnerabilities may be accessed and exploited via the network, customers have the context to identify and address the vulnerabilities that pose the greatest threat to their critical business assets.

The Tufin Vulnerability Mitigation app provides out-of-the-box integration between Tufin SecureTrack and the most widely used vulnerability management solutions, including Tenable.io, Tenable.sc, Qualys VMDR, Rapid7 Nexpose, and Rapid7InsightVM.

With Tufin’s Vulnerability Mitigation app, you can:

  • Prioritize vulnerability remediation efforts based on exposure of critical assets as well as severity of vulnerabilities
  • Easily assess overall risk to critical assets resulting from vulnerabilities that are both accessible and exploitable
  • Automate risk mitigation by blocking access to the critical asset until remediation efforts can be fully implemented
  • Monitor and measure risk exposure over time via a comprehensive dashboard that highlights overall vulnerability exposure networkwide and the impact of mitigation and remediation efforts

Instructions for generating an evaluation license are available in the app's documentation linked in the sidebar.

Version v1.1.1
Compatibility R19-1 or above
2021-06-16
  • Supports various types of email address formats
Version v1.1.0
Compatibility R19-1 or above
2021-04-01
  • Supports TOS Aurora and Classic
Version v1.0.19
Compatibility R19-1 or above
2021-03-12
  • Fix Nessus duplicate vulnerabilities with multiple scans
  • Fix Nessus schedule option
  • Remove duplicate devices from asset devices
  • Exclude negated rules
Version v1.0.14
Compatibility R19-1 or above
2021-01-07
  • Fix Rapid7 download vulnerability report
Version v1.0.13
Compatibility R19-1 or above
2020-12-15
  • The VMA tested with Nessus Professional
Version v1.0.12
Compatibility R19-1 or above
2020-12-01
  • Support Nessus Essentials as a new vulnerability scanner
  • Identify whether access from an internet/untrusted address is exploitable
  • Added reports
  • Block vulnerable assets by opening SecureChange Group Modification ticket
  • Assigning severity and vulnerability ids to rules
  • Filter rules with ANY object in destination during sync time
  • Added additional rules metadata to the vulnerable rules
  • Various UI improvements
Version v0.2.6
Compatibility R19-1 or above
2020-09-25
  • Register and unregister from the SecureTrack UI
  • Trial license is now generate from the Tufin portal
  • Add port configuration to Rapid7 and Tenable.sc
  • Add verify certificate option to Rapid7 and Tenable.sc. For Qualyse and Tenable.io certification always verified.
  • Add a proxy configuration to Qualys and Tenable.io
Version v0.1.41
Compatibility R19-1 to R20-1
2020-07-15
  • Integrates with Tenable, Qualys and Rapid7
  • Get access view for manual assets
  • Vulnerable rules access view for assets
  • Vulnerable zones access view for assets
  • Mitigte vulnerable assets by openning a server decommission ticket
  • Dashborad and trends
  • Bug fixed
Write Review

Be the first to review this app