The following Guide details steps to get an API connection between Expel Workbench and the Tenable Vulnerability Management (VM) platform.

Note

Expel only supports Tenable Vulnerability Management (cloud version, previously called Tenable.io). Tenable.sc (on-premises version) is not currently supported.

  • Getting API credentials from Tenable VM

  • Adding API credentials to Workbench

Getting API credentials from Tenable VM

  1. Open Tenable.

    From the menu in the upper left, click Settings.

    Screenshot_2023-09-11_at_4_28_58_PM.png
  2. Click Access Control.

    Screenshot_2023-09-11_at_4_29_07_PM.png
  3. Click Create User.

    Screenshot_2023-09-11_at_4_29_17_PM.png
  4. Create an Admin user.

    Note

    This user is for API access, the account must be tied to your domain, so you should use something like soc+admin@yourdomain.com or soc+api@yourdomain.com.

    Screenshot_2023-09-11_at_4_29_26_PM.png
    • Login with the account that was just created.

    • In addition to the API user, create an Admin user account for console access and provide the credential to Expel, who will finish setting up the 2FA - this account should be using 2FA with either TOTP authentication or using a SOC hotline.

      Note

      The user must come from your domain, so please name the user something like soc+console@yourdomain. If Tenable has configured it, you can use the @expel.io as the email.

    • From the menu in the upper left, click Settings.

      Screenshot_2023-09-11_at_4_29_38_PM.png
    • Click My Account.

      Screenshot_2023-09-11_at_4_29_50_PM.png
    • Click API KEYS.

      Screenshot_2023-09-11_at_4_29_56_PM.png
    • Click Generate.

      Screenshot_2023-09-11_at_4_30_02_PM.png
    • Copy the Access Key and the Secret Key. These will be used in connecting the device to Workbench.

Adding API credentials to Workbench

The following details how to add Tenable to Workbench:

  • In the menu on the left, click Organization Setting.

  • Click Security Devices.

  • In the top right, click +Add Security Device.

  • Search for Tenable VM.

    Note

    If you do not see the Tenable VM Scanner in Workbench as an integration, then an Expel Customer Support Engineer will have to set the connection to Workbench using the API information provided by the client.

    Screenshot_2023-09-11_at_4_32_11_PM.png
  • Within Edit Security Device insert:

    • Name: Name of device

    • Location: Where the device lives

    • Access Key: Key that was generated in Step 4

    • Secret: Secret that was generated in Step 4

    • Console URL: insert https://cloud.tenable.com.

    • Username: Username that was set up in Step 4