Tenable

About

The Tenable Vulnerability Management NetoFuse module provides enriched asset context to Netography Fusion from Tenable Vulnerability Management. It connects to the Tenable API to retrieve asset, vulnerability, and scanner information and then uploads it as Context Labels to the Netography Fusion API.

☁️NetoFuse Modules: Cloud deployment vs. On-Prem deployment

This page documents how to add and configure the NetoFuse module for an on-prem deployment with a container or Python package. If you want to use the cloud deployment model and have this integration run in the Netography Fusion SaaS, you can add it as a context integration in the Netography Fusion Portal instead by consulting the Context Integrations documentation.

API Configuration Parameters

All the fields required for this integration are listed here, along with the corresponding environment variable name used to set that field in the NetoFuse module.

Tenable Field
Required
NetoFuse Environment Variable
Description

API Key

Yes

NETO__TENABLE__CREDENTIALS__ACCESS_KEY

Tenable API Key

API Secret

Yes

NETO__TENABLE__CREDENTIALS__SECRET

Tenable API Secret

Tenable VM Configuration

Generate a Tenable API Key

Login to your Tenable account and generate an API key at: https://cloud.tenable.com/tio/app.html#/settings/my-account/api-keys

See Tenable documentation if this link has changed or you have any questions about this process: https://docs.tenable.com/vulnerability-management/Content/Settings/my-account/GenerateAPIKey.htm

tenablevm NetoFuse Module Configuration

All the fields required for this integration are listed above in the API Configuration Parameters section above. See Configure > module for additional options for setting configuration fields and Credential Storage for additional options for setting credentials.

Advanced Configuration Options

The following configuration options are available for the module.

Configuration Option
Description
Default Value

include_asset_data

If set to false, no asset data is retrieved, only the vulnerabilities.

False

filters

Filters to apply to asset and vulnerability API calls. More information on this object here: https://developer.tenable.com/reference/exports-assets-request-export. If another configuration option is already available for the specific filter you want to use, use that one instead of this field.

None

cidr_range

Corresponds to the cidr_range filter setting

None

severity

Comma-separated list of severities to include in vulnerability results. Note that anything less than high is likely to create many context labels that are of low value, which should be avoided.

high

networks

A comma-separated list of network names. If it is set, the only assets or vulnerabilities included are those in one of the specified networks.

None

tags

A tag to filter assets returned by. A tag has a category name and a value, so the value of this should be written as “category=value".

None

scanner_details

If set to true, retrieve the list of scanners (filtered by the networks and CIDR field above).

True

Default tenablevm Module Configuration

PreviousTaniumNextWiz

Last updated