What is Tenable Vulnerability Management? #
Tenable Vulnerability Management (formerly Tenable.io) identifies and prioritizes vulnerabilities (including external threats and internal misconfigurations) based on risk to your business.
Why Should You Use the Tenable Vulnerability Management Connector? #
The Tenable Vulnerability Management connector provides visibility into the assets in your environment. You can use this visibility to:
-
ensure assets are managed per your security policies
-
ensure users are managed per your security policies
-
derive relationships between assets, users, applications, and data
How Does This Connector Work? #
Lucidum executes read-only requests to the Tenable Vulnerability Management REST API and ingests only meta-data about Tenable Vulnerability Management devices. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum #
|
Field |
Description |
Example |
|---|---|---|
|
Host |
The hostname of the the server for Tenable Vulnerability Management. |
cloud.tenable.com |
|
Access Key |
The API Key for a Tenable Vulnerability Management account that has the Administrator role. NOTE: The Lucidum connector uses the Export Assets method to ingest asset data. This method requires the Administrator role. |
040db538c34f42238c9a7a2d0a94ee8a |
|
Access Secret |
The API Secret for a Tenable Vulnerability Management account that has the Administrator role. NOTE: The Lucidum connector uses the Export Assets method to ingest asset data. This method requires the Administrator role. |
0eb43c4190bb4632b142dde140d032000 |
|
Lookback in Days |
Number of previous days from today to examine when ingesting data. Default value is 7 |
7 |
Source Documentation #
Creating Credentials #
Creating an account with the Administrator role:
-
Log in to Tenable Vulnerability Management with an administrator account.
-
Follow these steps to create a user account that the Lucidum connector can use: https://docs.tenable.com/vulnerability-management/Content/Settings/access-control/CreateAUserAccount.htm.
-
Assign the Administrator Role.
NOTE: The Lucidum connector uses the Export Assets method to ingest asset data. This method requires the Administrator role.
Generating an API Key for the new administrator account:
-
Log in to Tenable Vulnerability Management with the new administrator account.
-
Follow these steps to generate an API key and API secret: https://developer.tenable.com/docs/api-access#generate-api-tokens-for-a-tenable-vulnerability-management-account .
Required Permissions #
|
Object |
Permissions |
|---|---|
|
Role |
Administrator |
