Home
Implementation Guides
This guides allow you quickly and easily find the information you need to deploy, set up and configure the solution.
BigFix Insights for Vulnerability Remediation
Welcome to the BigFix Insights for Vulnerability Remediation (IVR) documentation, where you can find information about how to install, maintain and use IVR service.
Business Intelligence reports
Use this section to become familiar with Power BI and Tableau reports.
Tableau reports
Use this section to become familiar with Tableau reports.
Tableau reports for Tenable.io
Use this section to become familiar with Tableau reports for Tenable.io

Implementation Guides
This guides allow you quickly and easily find the information you need to deploy, set up and configure the solution.
- ServiceNow Data Flow
  This module provides an overview and features of BigFix ServiceNow Data Flow.
- BigFix Insights for Vulnerability Remediation
  Welcome to the BigFix Insights for Vulnerability Remediation (IVR) documentation, where you can find information about how to install, maintain and use IVR service.
  - BigFix Insights for Vulnerability Remediation
    Use this section to become familiar with BigFix Insights for Vulnerability Remediation infrastructure and key concepts necessary to understand how it works.
  - System requirements
    Learn more about the prerequisites and system requirements for BigFix Insights for Vulnerability Remediation (IVR) service.
  - Deployment and configuration
    This module provides the steps to deploy and configure the BigFix Insights for Vulnerability Remediation solution for:
  - Setting up IVR App
    Use this module to install and set up your WebUI IVR app.
  - Scheduling IVR ETL
    The Extract, Transform, Load (ETL) process pulls data from a datasource and stores it in the IVR database. An ETL process consumes significant time and resources and hence must be performed on a customized schedule to minimize disruption. In IVR, you can schedule an ETL daily, weekly, or monthly.
  - IVR Fixlets and Tasks
    Learn more about available Fixlets and Tasks for BigFix Insights for Vulnerability Remediation.
  - Updating and validating the IVR configuration file
    You can update and validate the IVR configuration.
  - Updating IVR credentials
    You can update the IVR credentials.
  - Business Intelligence reports
    Use this section to become familiar with Power BI and Tableau reports.
    - Power BI reports
      Use this section to become familiar with Power BI reports.
    - Tableau reports
      Use this section to become familiar with Tableau reports.
      - Tableau reports for Qualys
        Use this section to become familiar with Tableau reports for Qualys.
      - Tableau reports for Tenable.io
        Use this section to become familiar with Tableau reports for Tenable.io
      - Tableau reports for Tenable.sc
        Use this section to become familiar with Tableau reports for Tenable.sc
  - Reference
    The following topics contain information on how you can work with the configuration file and settings, the CLI that comes with the package. They also describe how to use the log files for troubleshooting purposes.
  - Release Notes
    The release notes outline the features, updates and patches that are included in each version of BigFix Insights for Vulnerability Remediation, including the latest application updates.

Tableau reports for Tenable.io

Use this section to become familiar with Tableau reports for Tenable.io

BigFix Insights for Vulnerability Remediation can now also consume vulnerability data from Tenable.io. With Tenable Lumin available, BigFix Insights for Vulnerability Remediation also consumes asset prioritization data:

Asset Criticality Rating (ACR): 1-10 rating that represents the asset’s relative criticality based on device type, device purpose, and network location/proximity to the Internet.
Asset Exposure Score (AES): A metric that combines ACR & VPR (Vulnerability Priority Rating) into a single score to represent an asset’s relative exposure.

Refer to the link for more information: Lumin Metrics

Additionally, uniquely for Tenable.io, BigFix sends its endpoint asset data to Tenable.io to give it visibility into potentially unmanaged assets.

Chart details:

Vulnerability Title - Vulnerability title
PluginID - a unique identifier assigned to a vulnerability detection
Applicable Devices - devices that have been scanned by Tenable and for which vulnerabilities have been identified
CVE List - list of CVE
CVSS2 - (Common Vulnerability Scoring System version 2), scoring system used to assess the severity and potential impact of security vulnerabilities.
CVSS3 - (Common Vulnerability Scoring System version 3), updated version of the scoring system
VPR - Vulnerability Priority Rating
VPR Score - numerical value ranging from 0 to 10, with 10 being the highest priority
Detected Date - the date when a vulnerability was first detected
Published Date - date when the information about a vulnerability was first available
ACR - Asset Criticality Rating: 1-10 rating that represents the asset’s relative criticality based on device type, device purpose, and network location/proximity to the Internet.
AES - Asset Exposure Score: A metric that combines ACR & VPR (Vulnerability Priority Rating) into a single score to represent an asset’s relative exposure.

Detected Vulnerabilities with Applicable Fixlets

Detected Vulnerabilities without Available Fixlets

Vulnerability Discrepancies