Tenable Security Center Connector Guide

How to set up and use the Tenable Security Center (Tenable.sc) connector in RiskSense.

Overview

Tenable® Nessus® is a widely deployed vulnerability scanner that can help detect malware and identify vulnerabilities of assets and asset configurations. Tenable Security Center (Tenable.sc) is built on Nessus technology.

The RiskSense platform supports client connector configurations to provide scheduled Tenable.sc vulnerability scan output uploads. When looking at the RiskSense Integrations page, it records and displays the last time data from the Tenable.sc connector was uploaded.

Connector Configuration

Tenable Security Center Setup

When data pulls from a scanner connector, it uploads the last 30 days of scan data into the RiskSense platform. This is a default setting that cannot be adjusted. Once the data has been pulled, new data is automatically added to the default group and if the data already exists in the platform, it will automatically be moved to the specific group.

RiskSense Connector Setup

To create the connector, log into RiskSense and navigate to the Automate > Integrations page.

Navigation - Automate - Integrations

Using the search bar in the upper-right corner of the Integrations page, type tenable.sc to find the connector.

Tenable Security Center - Search for Tenable.sc

Click the Configuration button in the tenable.sc connector card.

Tenable Security Center - Tenable.sc Configuration Button Location

In the new window under Connection, complete the required fields, as described below.

Tenable Security Center - Connector Configuration

  • Connector Name: Name of the connector.
  • Location (URL): The URL to access the specific instance of Tenable.
  • Username: Username used to access the connected system.
  • Password: Password used to access the connected system.
  • Network: The network configured to ingest the connector data.
  • SSL: Copy and paste the exported Base64 SSL certificate from the scanner.

Click Test Credentials to verify if the credentials are correct and have access to make API calls to Tenable.

Tenable Security Center - Test Credentials

In the Schedule section, configure the desired schedule for the connector to retrieve results from the Tenable instance. All time selections are based on 24-hour GMT time. The following schedules are available.

Daily: Configures the connector to run at a set daily interval.

Tenable Security Center - Daily Schedule

Weekly: Configures the connector to run on a specific day or multiple days of the week at a specific time.

Tenable Security Center - Weekly Schedule

Monthly: Configures the connector to run on a specific day or days of the month at a specific time on those days.

Tenable Security Center - Monthly Schedule

Optionally turn on Enable auto URBA (Update Remediation by Assessment) to automatically close findings when they have been resolved and no longer detected. Click Save to create the connector.

Editing a Connector Configuration

Connector configurations can be updated at any time after their creation. Navigate to the Automate > Integrations page and click the Edit (Connector - Edit - Small) button on the tenable.sc connector card.