/
Integrating Tenable VM and Tenable WAS

Integrating Tenable VM and Tenable WAS

Owned by Space Sync for Confluence
Last updated: Aug 22, 2024
3 min read

Introduction

The Platform will communicate with Tenable’s cloud-based API to retrieve scan results from your Tenable VM or Tenable WAS platforms.

When integrating the Platform with either Tenable VM or Tenable WAS, you must first configure appropriate API credentials and API permissions within your Tenable instance(s). This API configuration is beyond the scope of this article. Please refer to these Tenable articles:

NOTE: If you intend on integrating an instance of both Tenable VM and Tenable WAS with the Platform, you must define separate instances for each within the Platform. For example, you will need to define an Tenable WAS instance to retrieve your web application scanning results, and define an additional Tenable VM instance to retrieve your vulnerability assessment scanning results. This is necessary since the Tenable API(s) differs between their Tenable VM and Tenable WAS solutions.

Configuring Tenable VM and Tenable WAS

Choose the appropriate Connected Accounts entry depending on which of the Tenable products you wish to integrate with:

image-20240822-095324.png
image-20240822-095405.png
Defining a Tenable WAS integration

All fields below are mandatory:

  • Name - a meaningful name/ID of the scanner within your platform tenant.

  • Access Key - taken/copied from the Tenable VM or Tenable WAS platform instance

  • Secret Key - taken/copied from the Tenable VM or Tenable WAS platform instance

  • Scanner Frequency - this defines how often the Platform should check with the Tenable instance for new scan data. Default is every 30 minutes

Select Create Scanner once all information has been populated.

The platform will then perform a check with the defined scanner to establish if the configuration supplied is valid.

Scanner Configuration Success
Scanner Configuration Error

For valid configurations the platform will display a green banner and return to the previous Nessus Vulnerability Scanners window.

Should the platform return a red banner during the configuration checks, this indicates an error with communicating/validating the scanner configuration. Please check your Host definition API credentials are correct and then select Create Scanner again.

Please ensure you select Save Changes to commit the scanner configuration and make it available within your platform tenant.

Importing Scan Results from Tenable VM or WAS

Once a Tenable VM or WAS integration has been setup, the instances will be available to import scan results from. Scan results can be imported manually via a Phase, where the Platform will make an ad-hoc API call to Tenable to retrieve available scans: Alternatively, a Project can be created that can be configured to automatically import scan results from Tenable VM or WAS.

Related content