Cyberwatch helps companies reduce their risk through two solutions: a vulnerability detection and monitoring solution and a compliance management solution that can adapt to any environment and rule. These cross-platform applications (Windows, Linux, Mac) are quickly installed with or without an agent, or in offline mode in client networks.
This connector queries the Cyberwatch API to collect indicators on assets, their vulnerabilities, and their compliance, as well as to synchronize security issues as gaps in Tenacy.
This connector allows the following information to be collected:
Indicators of the number of scanned assets (vulnerabilities and compliance), with recent results.
Indicator on assets with critical vulnerabilities.
Indicators on the number of discovered and critical vulnerabilities.
Indicator on compliant assets.
Cyberwatch security issues as gaps in Tenacy.
Add and configure the connector
To add this connector, go to Catalog > Connectors > Cyberwatch > Add a connector
After adding it, you need to configure:
Operator perimeter: the perimeter that operates and dictates the vulnerability/compliance scan rules to which the indicators and the default gaps registry will be attached.
Frequency: Automatic query frequency of the Cyberwatch API and the periodicity of associated indicators. This periodicity can be daily, weekly, monthly, semi-annual, or annual.
⚠️ When creating this connector, the Internal Vulnerability Scans measure (TE016) will automatically be applied to the connector's operator perimeter if not already in place.
Once the connector is created, the configuration continues:
Cyberwatch API URL: Corresponds to the connection URL for the Cyberwatch dashboard. This URL is displayed when the API key is generated.
Cyberwatch API Key: This API key must be generated and linked to a Cyberwatch administrator account. The "Read Only" permission is sufficient for the connector to work.
⚠️ Non-administrator users do not have the necessary permissions to query the API.
Cyberwatch API Secret: This secret is generated when the API key is created. The secret is only accessible and visible at the time of key generation. A new API key must be generated if it is lost.
Gaps register: Security flaws identified by Cyberwatch can be raised as gaps in Tenacy if a gaps register is selected from the list provided. A dedicated register is proposed in the list, but you can also create your own register by entering its name in the input field. If the register doesn't exist yet, Tenacy will create it when saving the configuration.
Maximum number of gaps: Only if you wish to limit the creation of gaps to a certain number, this value cannot exceed 100. If the field is left empty, Tenacy will synchronize all security issues identified by Cyberwatch as gaps.
Groups in perimeters: You can send your metrics and indicators according to the groups you have already defined in Cyberwatch. You can add as many TENACY perimeters as you want and add the Cyberwatch Group IDs next to them. If you want to associate multiple Cyberwatch groups with a TENACY perimeter, simply separate them with a comma.
💡 To generate a new API key on Cyberwatch, click on your avatar at the top right in Cyberwatch > My Profile > View My API Keys > Add +
Run your first test
Once the connector is properly configured, test the integration by running an initial execution.
Go to ⚙️ > Connectors > Click on the Cyberwatch connector > Run now:
💡 Feel free to contact Tenacy support if you have any questions regarding this.