1. Expel Help Center
  2. Expel Vulnerability Prioritization
  3. Expel Vulnerability Prioritization

Tenable Vulnerability Management API Set Up

The following article describes how to configure an API connection between Workbench and the Tenable Vulnerability Management (VM) platform.

Note

Expel only supports Tenable Vulnerability Management (cloud version, previously called Tenable.io). Tenable.sc (on-premises version) is not currently supported.

 

Quick Start

  1. Get API Credentials from Tenable VM

  2. Add API Credentials to Workbench

Step 1: Get API Credentials from Tenable VM

  1. Open Tenable.

  2. From the menu in the upper left, select Settings.

    Screenshot_2023-09-11_at_4_28_58_PM.png

  3. Select Access Control.

  4. Select Create User.

    Screenshot_2023-09-11_at_4_29_17_PM.png

  5. Create an Admin user.

    Note

    This user is for API access. The user must belong to your domain, so reflect that in the name. For example, you can name the user soc+admin@yourdomain.com or soc+api@yourdomain.com.

    Screenshot_2023-09-11_at_4_29_26_PM.png
  6. Login with the account that was just created.

  7. In addition to the API user, create an Admin user account for console access and provide the credentials to Expel, who will finish setting up the 2FA.

    This account should be using 2FA with either TOTP authentication or using a SOC hotline.

    Note

    The user must belong to your domain, so reflect that in the name. For example, you can name the user soc+console@yourdomain. If Tenable configured it, you can use the @expel.io domain.

     

  8. From the menu in the upper left, select Settings.

    Screenshot_2023-09-11_at_4_29_38_PM.png

  9. Select My Account.

  10. Select API KEYS.

    Screenshot_2023-09-11_at_4_29_56_PM.png

  11. Select Generate.

  12. Copy the Access Key and the Secret Key.

    Connection to Workbench requires these keys.

Step 2: Add Tenable API Credentials to Workbench

  1. In the menu on the left, select Organization Setting.

  2. Select Security Devices.

  3. In the top right, select +Add Security Device.

  4. Search for Tenable VM.

    Note

    If you don't see the Tenable VM Scanner in Workbench as an integration, contact support to set the connection to Workbench using API information.

    Screenshot_2023-09-11_at_4_32_11_PM.png

  5. In Edit Security Device enter the following:

    • Name - enter the name of device

    • Location - enter the location of the device

    • Access Key - provide the key that was generated in Step 4

    • Secret - provide the secret that was generated in Step 4

    • Console URL - enter https://cloud.tenable.com.

    • Username - provide the username that was set up in Step 4

  • Was this article helpful?

  • 0 out of 0 found this helpful

Related articles