What is Tenable Nessus? #
Tenable Nessus is a vulnerability scanning platform for auditors and security analysts. Tenable Nessus pushes updated definitions to systems every day.
Why Should You Use the Tenable Nessus Connector? #
The Tenable Nessus connector provides visibility into current vulnerabilities in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
find vulnerabilities quickly and remediate
How Does This Connector Work? #
Lucidum executes read-only requests to the Tenable Nessus REST API and ingests only meta-data about Tenable Nessus assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
Host |
The hostname or IP address of the Tenable Nessus server. |
|
|
Access Key |
An API Access Key associated with a user account that has the read permissions to fetch Tenable data |
******************* |
|
Secret Key |
An API Secret Key associated with a user account that has the read permission to fetch Tenable data |
******************* |
|
Verify SSL |
For future use. |
N/A |
Source Documentation #
Creating Credentials #
To create a user, Access Key, and Secret Key, see https://community.tenable.com/s/article/An-introduction-to-the-Nessus-API-generating-session-tokens-and-API-keys
Required Permissions #
The user you create for Lucidum requires the following permissions:
-
Asset – Read
API Documentation #
https://<NessusIP>:8834/api.
