HomeGuidesAPI ReferenceChangelog
Guides

Tenable IO

Suggest Edits

Tenable.io Integration via Automation Manager

Automation Manager allows you to set up and schedule Tenable.io integrations directly from the RegScale interface. This guide walks you through creating a service account, entering your credentials, selecting jobs, scheduling runs, and monitoring results.

Step 1: Access Automation Manager

  1. Click your user profile icon in the top right corner of RegScale.

  2. Select Automation Manager from the dropdown menu.

  3. On the Automation Manager dashboard, locate the Tenable tile and click Config.

Step 2: Create a Service Account in Tenable.io

Before entering your credentials, create a dedicated service account in Tenable.io. This ensures stability and avoids issues if personal accounts change or expire.

  1. In Tenable.io, create a new user account designated for integration.

  2. Generate an Access Key and Secret Key under this account.

  3. Assign the account sufficient permissions, such as:

    a. Basic Scan Operator or higher.

    b. Permission to read assets, vulnerabilities, and findings.

Important: API keys in Tenable inherit the permissions of the account that generates them. If a standard user generates the keys, the integration will be limited to that user's access. To avoid errors, create keys from a service account that has the correct role and privileges. Reference Tenable instructions
here.

Step 3: Enter Keys and Secrets

In the Keys tab of the Tenable connector, enter the following values:

  • tenableUrl: typically https://cloud.tenable.com (if you are using Tenable FedCloud, use the appropriate URL).

  • tenableAccessKey: the access key generated from your Tenable service account.

  • tenableSecretKey: the secret key generated from your Tenable service account.

When all required values are entered correctly, you will see a Secrets Complete confirmation.

Step 4: Schedule a Job

  1. Go to the Scheduler tab.

  2. Select a job type from the dropdown. Options include:

    a. Query Vulnerabilities: pulls vulnerability data from Tenable.

    b. Sync Findings: imports findings from Tenable into RegScale.

    c. Sync Assets: imports assets from Tenable into RegScale.

    d. Sync Assets and Vulnerabilities: imports both assets and vulnerabilities in a single job.

    e. Sync Assets, Vulnerabilities, and Controls: imports assets, vulnerabilities, and compliance controls together.

  3. Enter a Job Name.

  4. Set the Execution Date and choose a Cadence (such as once, hourly, daily, weekly, or monthly).

  5. Enter the RegScale SSP ID so that data syncs into the correct System Security Plan.

  6. Add optional parameters, such as tags, to filter the scope of the job. To limit imported assets by tag, enter the desired tag key-value pairs in the Tags field under Optional Params using the following format: [["Key","Value"],["Key2","Value2"]]
    Example: [["XYZ Assets","RegScale"]]Tenable requires tags to be passed as key/value pairs inside a list (each tag represented as a two-item array). Using alternative formats (tag1:value1,tag2:value2) will cause an error during sync.

  7. Click Schedule Job to start.

Step 5: Monitor Jobs

  1. Go to the Jobs tab in the Tenable connector.
  2. Review the list of jobs, which shows:
  • Scheduled jobs.
  • Jobs in progress.
  • Completed jobs with success confirmation.
  • Failed jobs with error details.
  1. Use this tab to track and confirm whether your scheduled jobs ran as expected.

Step 6: Troubleshooting

  • If a job shows Unauthorized, verify that your Tenable Access Key and Secret Key are correct.

  • If a job shows Forbidden, confirm that your Tenable service account has sufficient permissions.

Updated 3 days ago