Tenable Vulnerability Management
Tenable Vulnerability Management is a suite of cloud vulnerability management products, including a scanner, which can directly import findings into PlexTrac via API.
This is a licensed feature.
The Tenable to PlexTrac integration supports vulnerability management data that originated from Nessus remote scanners or other third-party solutions that have an integration to add assets and vulnerabilities to Tenable.io.
The following Tenable scans are NOT supported:
- Web Application Scanning
- PCI
- Cloud Security v1
- Container Security v1/v2
- Attack Surface Management
Only one Tenable.io integration is allowed.
The Tenable integration is a microservice executed via a report findings import that involves the following process:
- PlexTrac's backend makes a request to the customer's Tenable instance
- PlexTrac pulls the requested data
- PlexTrac transforms the data into a format that can be imported into the report
- PlexTrac imports the data into an existing report
Once the data has been imported, the user is alerted via the notification bell within PlexTrac. A notification is also sent if an import failure occurs.
Please get in touch with [email protected] for more information on preparing your environment before completing the setup in the platform.
A Tenable API Access and Secret key with Administrator [64] permissions must be generated before beginning this process. Visit Tenable's Generate API Keys page for more information.
Step 1: From the Admin Dashboard, click Integrations under "Tools & Integrations."
Step 2: If the tenant is licensed, the option to connect will appear (if not, the box will display a lock icon with "License required" next to it). Click the Tenable Vulnerability Management box.
Step 3: Click Configure Tenable Vulnerability Management Integration.
Step 4: Enter the Access Key and Secret Key. Unless hosting a PlexTrac instance, leave the Tenable Domain field blank. Click Save.
Step 5: The integration details appear on the page. Click Sync Now.
If the keys are correct, no error message will appear, and a confirmation message will confirm successful synchronization.
Once set up, findings can be imported into a report, and instructions on this process can be found here.
Tags for Tenable are handled as AND, so if multiple tags are selected, only findings that have ALL the tags will be imported. Any findings that only have one of the tags will NOT be imported.
For example: If "category1:tag1" and "category2:tag2" are selected, only assets tagged with both will be returned.
If some tags are missing after import, try synchronizing again by clicking Synch Now, as described in Step 5 above.
Last modified 1mo ago