Tenable.sc (SecurityCenter)
  • 24 Apr 2022
  • 8 Minutes to read
  • Dark
    Light
  • PDF

Tenable.sc (SecurityCenter)

  • Dark
    Light
  • PDF

Tenable.sc (formerly SecurityCenter) consolidates and evaluates vulnerability data, prioritizing security risks.

Parameters

The Tenable.sc Adapter connection requires the following parameters:

  1. URL (required) - The URL of the Tenable.sc management server. (e.g., https://tenable-sc.company.com)

  2. User Name and Password (optional, default: empty) - The credentials for a user account that has the Required Permissions to fetch assets.

    Note:

    These fields are required if the following are not supplied:

    • Access Key and Secret Key
    • Session Token and Session Key
  3. Access Key and Secret Key (optional, default: empty) - The API key-secret pair associated to a user account that has the Required Permissions to fetch assets.

    Note:

    These fields are required if the following are not supplied:

    • User Name and Password
    • Session Token and Session Key
  4. Session Token and Session Cookie (optional, default: empty) - A session cookie associated with the supplied username.

    Note:

    These fields are required if the following are not supplied:

    • User Name and Password
    • Access Key and Secret Key
  5. Verify SSL (required, default: false) - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  6. API Optional Prefix - Optional API prefix

  7. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the URL of the Tenable.sc management server.

    • When supplied, Axonius uses the proxy when connecting to the URL of the Tenable.sc management server.
    • When not supplied, Axonius connects directly to the URL of the Tenable.sc management server.
  8. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the URL of the Tenable.sc management server via the value supplied in HTTPS Proxy.

    • When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
    • When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
  9. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the URL of the Tenable.sc management server via the value supplied in HTTPS Proxy.

    • When supplied, Axonius authenticates with this value when connecting to the value supplied in HTTPS Proxy.
    • When not supplied, Axonius does not perform authentication when connecting to the value supplied in HTTPS Proxy.
  10. Enable Client Side Certificate (required, default: false) - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter.

    TLSonAdapter.png

    • Click Choose file next to Client Private Key File to upload a client private key file in PEM format
    • Click Choose file next to Client Certificate File to upload a public key file in PEM format
  11. To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Tenable_sc_3-3-22


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters

  1. Do not fetch devices with no MAC address and no hostname (required, default: false) - Select whether to exclude fetching devices without a MAC address or hostname.
    • If enabled, all connections for this adapter will only fetch devices having either a MAC address or hostname.
    • If disabled, all connections for this adapter will fetch devices even if they don't have either a MAC address or hostname.
  2. Do not fetch devices with no MAC address and no hostname and no os type (required, default: false) - Select whether to exclude fetching devices without either a MAC address, hostname, or operating system (OS) types.
    • If enabled, all connections for this adapter will only fetch devices having either a MAC address, hostname, or OS type.
    • If disabled, all connections for this adapter will fetch devices even if they don't have either a MAC address, hostname, or OS type.
  3. Fetch Top N installed software (optional, default: 0) - Specify the number of the top most common installed software fetched from Tenable.sc.
    • If supplied, all connections for this adapter will fetch the top N most common installed software fetched from Tenable.sc.
    • If not supplied (or '0') - all connections for this adapter will not fetch any installed software from Tenable.sc.
  4. Fetch installed software per device (required, default: false) - Choose whether to fetch all installed software from Tenable.sc.
    • If enabled, all connections for this adapter will fetch installed software fetched from Tenable.sc.
      • If you select this option, set Fetch top N installed software as 0.
    • If disabled, all connections for this adapter will not fetch any installed software from Tenable.sc.
  5. Fetch vulnerabilities (required, default: false) - Select to fetch devices' unmitigated vulnerabilities data from Tenable.sc.
    Note: If you want to also fetch mitigated vulnerabilities appearing in the Mitigated table of Tenable.sc, select Fetch vulnerabilities and Fetch mitigated vulnerabilities.
  6. Fetch SCAP scans (required, default: false) - Select whether to fetch data from SCAP scans.
    • If enabled, all connections for this adapter will fetch data from SCAP scans.
    • If disabled, all connections for this adapter will not fetch data from SCAP scans.
  7. Do not fetch devices with unauthenticated scans only (required, default: false) - Choose whether to fetch devices with unauthenticated scans only Tenable.sc.
    • If enabled, all connections for this adapter will fetch devices with authenticated scans only from Tenable.sc.
    • If disabled, all connections for this adapter will fetch devices with authenticated and unauthenticated scans from Tenable.sc.
  8. Fetch info level vulnerabilities only for listed plugin IDs (optional, default: empty) - Specify a comma-separated list of Tenable.sc plugin IDs.
    • If supplied, all connections for this adapter will only collect info level vulnerabilities from Tenable.sc for the plugin IDs provided in this list.
    • If not supplied, all connections for this adapter will not collect any info level vulnerabilities from Tenable.sc.
  9. Repository name exclude list (optional, default: empty) - specify a comma-separated list of Tenable.sc repositories. Repositories are databases within Tenable.sc that contain vulnerability data. For more details, see Tenable.sc - Repositories.
    • If supplied, all connections for this adapter will not fetch vulnerabilities from repositories which are any of the comma-separated list of Tenable.sc repositories that have been defined in this field.
    • If not supplied, all connections for this adapter will fetch any vulnerability regardless of their Tenable.sc repository.
  10. Repository name exclude list - use 'contains' logic instead of exact match (required, default: false) - Select whether to consider the values supplied in Repository name exclude list field as the exact repository names.
    • If enabled, all connections for this adapter will not fetch vulnerabilities from repositories their name contains any of the supplied values in the Repository name exclude list field.
    • If disabled, all connections for this adapter will not fetch vulnerabilities from the repositories their name exactly matches one of the supplied values in the Repository name exclude list field.
  11. Fetch asset groups (required, default: false) - Select whether to fetch information about asset groups.
    • If enabled, all connections for this adapter will enrich devices information with data about asset groups.
    • If disabled, all connections for this adapter will not enrich devices information with data about asset groups.
  12. Fetch scan results (required, default: false) - Select whether to fetch scan results for each repository.
    • If enabled, all connections for this adapter will fetch scan results for each repository.
    • If disabled, all connections for this adapter will not fetch any scan results.
  13. Don’t populate OS from a not reliable source (required, default: false) - Select whether to populate the OS fields only if the data from Tenable is considered reliable, that is from a Tenable agent or an authenticated scan.
    • If enabled, all connections for this adapter will only populate OS fields if the data is from a Tenable agent or an authenticated scan.
    • If disabled, all connections for this adapter will populate OS fields.
  14. Async chunks in parallel (required, default: 50) - Specify the number of parallel requests all connections for this adapter will send to the Tenable.sc server in parallel at any given point.
  15. Parse interface name from vulnerability text (required, default: false) - Select whether to parse device interface name from the vulnerability text.
    • If enabled, all connections for this adapter will parse the device interface name from the vulnerability text.
    • If disabled, all connections for this adapter will not parse the device interface name.
  16. Fetch installed software from Plugin ID 20811 (required, default: false) - Select whether all connections for this adapter will parse the installed software from the Plugin data (text) of the Plugin ID 20811.
    When the plugin text does not have information about the installed software then the regular installed software is used. If this field is cleared, then the regular installed software is used.
  17. Fetch hostname from Plugin ID 55472 (required, default: false) - Select whether all connections for this adapter will parse the device hostname from the Plugin data (text) of the Plugin ID 55472.
    When the plugin text does not have information about the hostname then the regular host name is used. If this field is cleared, then the regular hostname is used.
  18. Fetch Windows services from Plugin ID 44401 (required, default: false) - Select whether all connections for this adapter will fetch data from the Windows services plugin 44401 for each device.
  19. Fetch all plugin IDs over 1M (optional, default: false) - Select whether to fetch all plugin IDs equal or greater than 1,000,000 (no matter their severity or info level).
  20. Parse certificate from Plugin ID 10863 (optional, default: false) - Select to parse certificate information from plugin ID number 10863.


Note:

For details about general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.

Required Permissions

The value supplied in User Name and Password / API Key and API Secret / Session Token and Session Key must be for an account in Tenable.sc that has the “Security Manager” role, with access to all the required repositories.
For details about Tenable SC user roles, see User Roles.
For details about generating an API key and secret pair, see Tenable.sc - Generate API Keys.



What's Next
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.