What is Tenable Nessus? #
Tenable Nessus is a vulnerability scanning platform for auditors and security analysts. Tenable Nessus pushes updated definitions to systems every day.
Why Should You Use the Tenable Nessus Connector? #
The Tenable Nessus connector provides visibility into current vulnerabilities in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
find vulnerabilities quickly and remediate
How Does This Connector Work? #
Lucidum executes read-only requests to the Tenable Nessus REST API and ingests only meta-data about Tenable Nessus assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
| Field | Description | Example |
|---|---|---|
| Host | The hostname or IP address of the Tenable Nessus server. |
|
| Access Key | An API Access Key associated with a user account that has the read permissions to fetch Tenable data | ******************* |
| Secret Key | An API Secret Key associated with a user account that has the read permission to fetch Tenable data | ******************* |
| Verify SSL | For future use. | N/A |
Source Documentation #
Creating Credentials #
To create a user, Access Key, and Secret Key, see https://community.tenable.com/s/article/An-introduction-to-the-Nessus-API-generating-session-tokens-and-API-keys
Required Permissions #
The user you create for Lucidum requires the following permissions:
-
Asset – Read
API Documentation #
https://<NessusIP>:8834/api.
