Tenable.io
  • 31 May 2022
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Tenable.io

  • Dark
    Light
  • PDF

Tenable.io automatically discovers and assesses a customer's environment for vulnerabilities, misconfigurations, and other cybersecurity issues.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Tenable.io Domain (required) - The hostname of the Tenable.io server. When fetching assets and vulnerabilites a different hard-coded domain is used (currently https://cloud.tenable.com).
  2. Access API Key and Secret API Key (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.
  3. Tenable.io Tags Include list (optional, default: empty) - Specify a comma-separated list of tag keys in Tenable.io.
    • If supplied, this adapter will only fetch devices from Tenable.io with any of the tag keys provided in this list.
    • If not supplied, this adapter will fetch all devices from Tenable.io.
  4. Verify SSL (required, default: False) - Select to verify the SSL certificate offered by the value supplied in Tenable.io Domain. For more details, see SSL Trust & CA Settings.
  5. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Tenable.io Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Tenable.io Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Tenable.io Domain.
  6. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Tenableio.png

Advanced Settings

Note:

From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

  1. Email domain include list (optional, default: empty) - Enter a comma separated list of email domains from which only users with email addresses that are connected to this domain are fetched. When the field is empty, users with email addresses from any domain are fetched.
  2. Do not fetch devices with no last scan (required, default: false) - Select whether to fetch devices without Last Seen date.
    • If enabled, all connections for this adapter will not fetch devices if they do not have a Last Seen indication.
    • If disabled, all connections for this adapter will fetch devices even if they do not have a Last Seen indication.
  3. Scan IDs include list (optional, default: empty) - Specify a comma-separated list of scan IDs in Tenable.io.
    • If supplied, all connections for this adapter will only fetch devices from Tenable.io scans with the scan IDs provided in this list.
    • If not supplied, all connections for this adapter will fetch all devices from Tenable.io scans.
  4. Fetch agent data (required, default: true) - Select whether to fetch Tenable.io agent data on each device.
    • If enabled, all connections for this adapter will fetch Tenable.io agent data on each device.
    • If disabled, all connections for this adapter will not fetch Tenable.io agent data on each device.
  5. Fetch only agent data (required, default: false) - Select whether to only fetch Tenable.io agent data on each device. If this is not selected, everything is fetched.
  6. Fetch scan exclusions (required, default: false) - Select to fetch scan exclusion status for Tenable.io devices.
  7. Fetch only active vulnerabilities (required, default: true) - Select whether to fetch only vulnerabilities in Active or in New state. For details, see Tenable.io - Vulnerability States.
    • If enabled, all connections for this adapter will only fetch vulnerabilities in Active or in New state.
    • If disabled, all connections for this adapter will fetch vulnerabilities with any state: New, Active, Fixed or Resurfaced.
  8. Do not fetch installed software (required, default: false) - Select whether not to fetch installed software.
  9. Fetch vulnerabilities in the background - select this option to fetch vulnerabilities for devices in the background, and not as part of a fetch. Note that vulnerabilities will be updated in the UI only after a regular fetch.
  10. Omit dashes from Agent UUID in agent data (optional, default: false) - When this option is selected and Fetch agent data is also selected, the dash character is removed from the value retrieved from the Agent UUID field of Tenable.io agent devices.
    Note: The Fetch agent data option must be selected for the Omit dashes... option to properly function.
  11. Do not populate fqdns as asset name (required, default: false) - Select to not include fully qualified domain names (FQDNs) as asset names.
Note:

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Required Permissions

The value supplied in Access API Key and Secret API Key must have read access to devices.

To generate an API key in the Tenable.io console, follow the directions in Tenable.io - Generate an API Key.
The API Keys are created for a user account. This user account must have the Administrator user permissions because Axonius uses the Export Assets method, which requires Administrator user permissions as described in Tenable.io - Export Assets.



What's Next
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.