Tenable Vulnerability Management
  • 17 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

Tenable Vulnerability Management

  • Dark
    Light

Article summary

Tenable Vulnerability Management is a cloud-based vulnerability management platform. Tenable empowers all organizations to understand their cyber exposure and to reduce the risk in the modern attack surface. More information can be found at Tenable Vulnerability Management.

Integration Method: API

Tables: Device Inventory Info (5001), Vulnerability Finding (2002), Detection Finding (2004)

Note:

Tenable Vulnerability Management doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service. As for this document preparation, the latest release was in November 2024.

This integration supports the following events.

Event

Description

Assets

Retrieves data for all assets.

Scans

Retrieves data for scans with host details.

Vulnerabilities

Retrieves data for vulnerabilities.

Prerequisites

  1. The User should have access to the Tenable IO portal with an account that has the Basic [16] user role , Scan Operator Role[24].

  2. The User should have access to the DataBee console.

Configuration Overview

  1. Generate API credentials on the Tenable IO VM console with the required user roles.

  2. Add the Tenable vulnerability management in the DataBee console with the below parameters.

    DataBee Feed Parameter

    Tenable Parameter

    Client Key

    Client ID

    Client Secret

    Client Secret

Tenable Vulnerability Management Configuration

This step walks through the steps of creating the API credentials on the Tenable VM instance.

  1. Login to the Tenable IO instance from the URL.
     

  2. Navigate to Settings on the top right.
     

  3. Click the My Account tile.
     

  4. Click the API Keys on the left to generate the API credentials.

  5. Click on the Generate button.
     

  6. The “Generate API Keys” window appears with a warning. Note that any existing API keys will be replaced. You must update the applications where the previous API keys were used). Review the warning and click the Continue Button.
     

  7. Tenable IO generates new access and secret keys and displays the new keys in the Custom API Keys section of the page.

    • Save / Copy the new access and secret keys. This will be used when configuring DataBee.
       

      Note:

      These keys will no longer be available after leaving this screen. Be sure to copy the keys.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the Tenable Vulnerability Management and click it as shown below.
     

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, enter the following:

    • Authorization Method: Custom API Key.

    • Access Key: paste the Access Key  generated earlier in the Tenable IO Platform.

    • Secret Key: paste the Secret Key generated earlier in the Tenable IO Platform.

    • Event Types: preselected for all the event types that integration pulls.
       

  6. Click Submit.

Troubleshooting Tips

  • Ensure the client key, client secret, instance, username and password are pasted correctly. Since you cannot view the client key and secret after the 1st time, re-create the creds, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.

  • Make sure the required user role is assigned.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence