Home
Implementation Guides
This guides allow you quickly and easily find the information you need to deploy, set up and configure the solution.
BigFix Insights for Vulnerability Remediation
Welcome to the BigFix Insights for Vulnerability Remediation (IVR) documentation, where you can find information about how to install, maintain and use IVR service.
System requirements
Learn more about the prerequisites and system requirements for BigFix Insights for Vulnerability Remediation (IVR) service.
API requirements for Tenable.sc
The IVR server requires a Tenable user account. A user leveraged to Tenable.sc IVR adapter needs compatible machines within the environment.

Implementation Guides
This guides allow you quickly and easily find the information you need to deploy, set up and configure the solution.
- ServiceNow Data Flow
  This module provides an overview and features of BigFix ServiceNow Data Flow.
- BigFix Insights for Vulnerability Remediation
  Welcome to the BigFix Insights for Vulnerability Remediation (IVR) documentation, where you can find information about how to install, maintain and use IVR service.
  - BigFix Insights for Vulnerability Remediation
    Use this section to become familiar with BigFix Insights for Vulnerability Remediation infrastructure and key concepts necessary to understand how it works.
  - System requirements
    Learn more about the prerequisites and system requirements for BigFix Insights for Vulnerability Remediation (IVR) service.
    - API requirements for Tenable.io
    - API requirements for Tenable.sc
      The IVR server requires a Tenable user account. A user leveraged to Tenable.sc IVR adapter needs compatible machines within the environment.
    - API requirements for Qualys
  - Deployment and configuration
    This module provides the steps to deploy and configure the BigFix Insights for Vulnerability Remediation solution for:
  - Setting up IVR App
    Use this module to install and set up your WebUI IVR app.
  - Scheduling IVR ETL
    The Extract, Transform, Load (ETL) process pulls data from a datasource and stores it in the IVR database. An ETL process consumes significant time and resources and hence must be performed on a customized schedule to minimize disruption. In IVR, you can schedule an ETL daily, weekly, or monthly.
  - IVR Fixlets and Tasks
    Learn more about available Fixlets and Tasks for BigFix Insights for Vulnerability Remediation.
  - Updating and validating the IVR configuration file
    You can update and validate the IVR configuration.
  - Updating IVR credentials
    You can update the IVR credentials.
  - Business Intelligence reports
    Use this section to become familiar with Power BI and Tableau reports.
  - Reference
    The following topics contain information on how you can work with the configuration file and settings, the CLI that comes with the package. They also describe how to use the log files for troubleshooting purposes.
  - Release Notes
    The release notes outline the features, updates and patches that are included in each version of BigFix Insights for Vulnerability Remediation, including the latest application updates.

API requirements for Tenable.sc

The IVR server requires a Tenable user account. A user leveraged to Tenable.sc IVR adapter needs compatible machines within the environment.

The Tenable account utilized for IVR should be assigned the default full access group, and auditor role permissions. This provides the account access needed to complete the dataflow. Additionally, the user can be defined using custom access permissions to limit the scope of assets retrieved by IVR. A group within Tenable can be limited by both the viewable hosts and the repositories. In general, the role of auditor should be leveraged as well, to follow the principle of least privileged. The IVR dataflow retrieves information only when the account has granted visibility to receive.

Here is how the “Create User” page, Membership section should look like the new user is created:

Tenable impact statement

IVR uses the pytenable library (developed by Tenable). IVR leverages a default batch size of 1000, which is conservative and is prescribed by Tenable. With the default settings, the Tenable.sc server should not see a noticeable impact when the IVR adapter is running.