Tenable.io
  • 2 Minutes To Read
  • Print
  • Share
  • Dark
    Light

Tenable.io

  • Print
  • Share
  • Dark
    Light

Tenable.io automatically discovers and assesses a environments for vulnerabilities, misconfigurations, and other cybersecurity issues.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. Tenable.io Domain (required) - The hostname of the Tenable.io server.
  2. Access API Key and Secret API Key (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.
  3. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Tenable.io Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Tenable.io Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Tenable.io Domain will not be verified against the CA database inside of Axonius.
  4. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Tenable.io Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Tenable.io Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Tenable.io Domain.
  5. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

  1. Exclude devices with no last scan (required, default: False) - Select whether to fetch devices without Last Seen date.
    • If enabled, all connections for this adapter will not fetch devices if they do not have a Last Seen indication.
    • If disabled, all connections for this adapter will fetch devices even if they do not have a Last Seen indication.
  2. Scan IDs whitelist (optional, default: empty) - Specify a comma-separated list of scan IDs in Tenable.io.
    • If supplied, all connections for this adapter will only fetch devices from Tenable.io scans with the scan IDs provided in this list.
    • If not supplied, all connections for this adapter will fetch all devices from Tenable.io scans.
  3. Tag key whitelist (optional, default: empty) - Specify a comma-separated list of tag keys in Tenable.io.
    • If supplied, all connections for this adapter will only fetch devices from Tenable.io with any of the tag keys provided in this list.
    • If not supplied, all connections for this adapter will fetch all devices from Tenable.io.
  4. Fetch agent data (required, default: True) - Select whether to fetch Tenable.io agent data on each device.
    • If enabled, all connections for this adapter will fetch Tenable.io agent data on each device.
    • If disabled, all connections for this adapter will not fetch Tenable.io agent data on each device.
  5. Do not fetch devices with no MAC address and no hostname (required, default: False) - Choose whether to exclude fetching devices without MAC address and without hostname.
    • If enabled, all connections for this adapter will only fetch devices having MAC address or hostname.
    • If disabled, all connections for this adapter will fetch devices even if those do not have MAC address and no hostname.

image.png

NOTE

For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Required Permissions

The value supplied in Access API Key and Secret API Key must have read access to devices.

To generate an API key in the Tenable.io console, please follow the directions in Tenable.io - Generate an API Key.
The API Keys are created for a user account. This user account must have the Administrator user permissions because we use the Export Assets method which requires Administrator user permissions as described in Tenable.io - Export Assets

Was This Article Helpful?