# Tenable Security Center
Tenable Security Center (Tenable.sc) is a vulnerability management solution that provides visibility into the security posture of IT infrastructure. It consolidates and evaluates vulnerability data, illustrates vulnerability trends over time, and assesses risk with actionable context for effective remediation prioritization, which then can be imported as findings into PlexTrac via API.
Multiple integrations can be configured per instance or for specific clients.
{% hint style="info" %}
This is a licensed feature.
{% endhint %}
## Field Mappings
Below are the field mappings from Tenable to PlexTrac, broken up by findings and assets.
Tables include the following columns:
* **Tenable SC Field:** the field name in Tenable SC
* **Direction:** displays the direction in the flow of data occurring for the integration
* **PlexTrac Field:** the field name in PlexTrac
{% hint style="info" %}
PlexTrac only imports vulnerabilities that Tenable has not archived.
{% endhint %}
### Findings Field Mappings
If a field is not listed, then PlexTrac does not currently import.
| Tenable SC Field | Direction | PlexTrac Field |
| --------------------- | :-------: | --------------------------------------------- |
| Vulnerability Name | --> | Finding Name |
| Description | --> | Description |
| Solution | --> | Recommendations |
| See Also | --> | References |
| Status | | |
| *Active* | --> | *Finding="OPEN"* |
| *New* | --> | *Finding="OPEN"* |
| Severity | | |
| *Info* | --> | *Informational* |
| *Low* | --> | *Low* |
| *Medium* | --> | *Medium* |
| *High* | --> | *High* |
| *Critical* | --> | *Critical* |
| CVE | --> | CVE |
| CVSS3 | --> | Score Type |
| CVSS3 | --> | Score Vector |
| CVSS3 | --> | CVSS Score |
| Vulnerability Age | --> | Custom Field "Tenable Vulnerability Age" |
| CVSS V3 Impact Score | --> | Custom Field "Tenable CVSS V3 Impact Score" |
| Exploit Code Maturity | --> | Custom Field: "Tenable Exploit Code Maturity" |
| Product Coverage | --> | Custom Field: "Tenable Product Coverage" |
| Threat Intensity | --> | Custom Field: " Tenable Threat Intensity" |
| Threat Recency | --> | Custom Field: " Tenable Threat Recency" |
| Threat Sources | --> | Custom Field: " Tenable Threat Sources" |
| Patch Published | --> | Custom Field: "Tenable Patch Published" |
| Exploit Available | --> | Custom Field: " Tenable Exploit Available" |
| Exploitability Ease | --> | Custom Field: " Tenable Exploitability Ease" |
| Plugin Id | --> | Custom Field: " Tenable Plugin Id" |
### Assets Field Mappings
If a field is not listed, then PlexTrac does not currently import.
| Tenable SC Field | Direction | PlexTrac Field |
| ---------------- | :-------: | ---------------- |
| Plugin Output | --> | Scan Output |
| Asset Name | --> | Asset Name |
| IP | --> | Know IP Address |
| | --> | Host Name |
| Operating System | --> | Operating System |
| MAC Address | --> | MAC Address |
| Port | --> | Port |
| Protocol | --> | Protocol |
## Deduplication Logic
PlexTrac will not import findings from Tenable that have the same combination of `plugin ID` and `severity`.
## Integrating Security Center
Step 1: From the **Admin Dashboard**, click **Integrations** under "Tools & Integrations."
Step 2: If licensed, the option to connect will appear (if not, the box will display a lock icon and "License required"). Click the **Tenable** box.
Step 3: Enter a connection name and select if this integration is across the tenancy or for a client (if specific to one client, select the client of the pulldown menu). Click **Continue**.
Step 4: Select "Connect to Tenable Security Center." Enter the Tenable URL, access key, and secret key. Click **Continue**.
{% hint style="info" %}
Visit the [Tenable documentation site](https://docs.tenable.com/security-center/Content/GenerateAPIKey.htm) for more information on generating API keys.
{% endhint %}
If the keys are correct, a confirmation message will confirm successful synchronization.
Step 5: Edit the field mappings on the provided tabs for findings and assets, or continue using the defaults.
Information flows only from Tenable to PlexTrac. Fields required by PlexTrac are identified with a red asterisk.
Fields that can be deleted will have an "X" next to the PlexTrac field when hovering over with the cursor. A confirmation message will appear after clicking **X**.
Configurable fields can be adjusted by clicking the purple line and deleting the existing connection.
Click on the Tenable field, then click on the desired PlexTrac field to map and create a new connection.
Click **Continue** when finished.
The integration appears in the table as a listed connection.
## Synchronizing
PlexTrac offers two synchronization options for Tenable integrations.
1. **Sync:** This option allows an off-cycle synchronization and typically takes less than ten minutes.
2. **Full Sync:** This option examines the complete Tenable database. It may take several hours, but it occurs in the background and doesn't hinder using PlexTrac for other tasks.
### Synchronization History
To view sync history, click **Synch history** under the integration actions menu.
## Managing Integrations
Any existing integration can be disabled temporarily or deleted if no longer needed.
### Disabling an Integration
To disable an integration, click the toggle button for the integration under the "Enabled" column. This action also disables the ability to synchronize the integration.
### Deleting an Integration
To delete an integration, click the three dots under the "Actions" column and then **Delete**.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.plextrac.com/plextrac-documentation/product-documentation-1/account-management/account-admin/integrations-and-webhooks/integrations-api/tenable-security-center.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
