The following article describes how to configure an API connection between Workbench and the Tenable Vulnerability Management (VM) platform.
Note
Expel only supports Tenable Vulnerability Management (cloud version, previously called Tenable.io). Tenable.sc (on-premises version) is not currently supported.
Step 1: Get API Credentials from Tenable VM
-
Open Tenable.
-
From the menu in the upper left, select Settings.
-
Select Access Control.
-
Select Create User.
-
Create an Admin user.
Note
This user is for API access. The user must belong to your domain, so reflect that in the name. For example, you can name the user soc+admin@yourdomain.com or soc+api@yourdomain.com.
- Login with the account that was just created.
-
In addition to the API user, create an Admin user account for console access and provide the credentials to Expel, who will finish setting up the 2FA.
This account should be using 2FA with either TOTP authentication or using a SOC hotline.
Note
The user must belong to your domain, so reflect that in the name. For example, you can name the user soc+console@yourdomain. If Tenable configured it, you can use the @expel.io domain.
-
From the menu in the upper left, select Settings.
-
Select My Account.
-
Select API KEYS.
-
Select Generate.
-
Copy the Access Key and the Secret Key.
Connection to Workbench requires these keys.
Step 2: Add Tenable API Credentials to Workbench
-
In the menu on the left, select Organization Setting.
-
Select Security Devices.
-
In the top right, select +Add Security Device.
-
Search for Tenable VM.
Note
If you don't see the Tenable VM Scanner in Workbench as an integration, contact support to set the connection to Workbench using API information.
-
In Edit Security Device enter the following:
-
Name - enter the name of device
-
Location - enter the location of the device
-
Access Key - provide the key that was generated in Step 4
-
Secret - provide the secret that was generated in Step 4
-
Console URL - enter https://cloud.tenable.com.
-
Username - provide the username that was set up in Step 4
-