Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Supported Vulnerability Scanners

Vulnerability data can be collected from several manufacturers and vendors of security products as shown in Table 1. If the scanner deployed in your network is not listed in this document, you can contact your sales representative to review support for your appliance.

Table 1: Supported Vulnerability Scanners

Vendor

Scanner name

Supported versions

Configuration name

Connection type

Beyond Security

Automated Vulnerability Detection System (AVDS)

AVDS Management V12 (minor version 129) and above

Beyond Security AVDS Scanner

File import of vulnerability data with SFTP

Digital Defense Inc

AVS

N/A

Digital Defense Inc AVS

HTTPS

eEye Digital Security

eEye REM

REM V3.5.6

eEye REM Scanner

SNMP trap listener

eEye Retina CS

Retina CS V3.0 to V4.0

Database queries over JDBC

Generic

Axis

N/A

Axis Scanner

File import of vulnerability data with SFTP

IBM

IBMAppScan Enterprise

V8.6 to V9.0.3.10

IBMAppScan Scanner

IBM REST web service with HTTP or HTTPS

IBM

InfoSphereGuardium

v9.0 and above

IBMGuardium SCAP Scanner

File import of vulnerability data with SFTP

IBM

Bigfix

V8.2x to V9.5.2

IBM BigFix Scanner

SOAP-based API with HTTP or HTTPS

IBM

InfoSphereSite

Protector

V2.9.x

IBMSiteProtector Scanner

Database queries over JDBC

IBM

Tivoli Endpoint Manager

Now known as IBM BigFix

Juniper Networks

Network and Security Manager (NSM) Profiler

2007.1r2

Juniper NSM Profiler Scanner

Database queries over JDBC

2007.2r2

2008.1r2

2009r1.1

2010.x

McAfee

Vulnerability Manager

Note:

The McAfee Vulnerability Manager scanner for JSA is deprecated.

Microsoft

Microsoft System Center Configuration Manager (SCCM)

MicrosoftWindows

Microsoft SCCM

DCOM must be configured and enabled

nCircle or Tripwire

IP360

VnE Manager V6.5.2 to V6.8.28

nCircle ip360 Scanner

File import of vulnerability data with SFTP

net

Vigilance

SecureScout

V2.6

SecureScout Scanner

Database queries over JDBC

Open source

NMap

V3.7 to V6.0

NMap Scanner

File import of vulnerability data over SFTP with SSH command execution

Outpost24

Outpost24

HIAB V4.1

OutScan V4.1

Outpost24

API over HTTPS

Positive

Technologies

MaxPatrol

V8.24.4 and later

Positive Technologies MaxPatrol

SFTP or SMB Share

Qualys

QualysGuard

V4.7 to V8.1

Qualys Scanner

APIv2 over HTTPS

Qualys

QualysGuard

V4.7 to V8.1

Qualys Detection Scanner

API Host Detection List over HTTPS

Rapid7

NeXpose

V4.x to V6.5

Rapid7 NeXpose Scanner

Remote Procedure Call (RPC) over HTTPS

Local file import of XML file over SCP or SFTP to a local directory

Saint

Corporation

Security Administrator's Integrated Network Tool (SAINT)

V7.4.x

Saint Scanner

File import of vulnerability data over SFTP with SSH command execution

Tenable

SecurityCenter

V4 and V5

Tenable SecurityCenter

JSON request over HTTPS

Tenable

Nessus

Tenable provides an integration with JSA by using its Tenable.sc and Tenable.io platforms to address the needs of enterprise customers. For more information about Nessus APIs, see the blog “A Clarfication about Nessus Professional” by Tenable.

As of December 2018, Tenable officially removed support for Nessus APIs. As a result, Tenable does not support direct integration between Nessus and JSA.