Tenable IO
Tenable.io Integration via Automation Manager
Automation Manager allows you to set up and schedule Tenable.io integrations directly from the RegScale interface. This guide walks you through creating a service account, entering your credentials, selecting jobs, scheduling runs, and monitoring results.
Step 1: Access Automation Manager
-
Click your user profile icon in the top right corner of RegScale.
-
Select Automation Manager from the dropdown menu.
-
On the Automation Manager dashboard, locate the Tenable tile and click Config.
Step 2: Create a Service Account in Tenable.io
Before entering your credentials, create a dedicated service account in Tenable.io. This ensures stability and avoids issues if personal accounts change or expire.
-
In Tenable.io, create a new user account designated for integration.
-
Generate an Access Key and Secret Key under this account.
-
Assign the account sufficient permissions, such as:
a. Basic Scan Operator or higher.
b. Permission to read assets, vulnerabilities, and findings.
Important: API keys in Tenable inherit the permissions of the account that generates them. If a standard user generates the keys, the integration will be limited to that user's access. To avoid errors, create keys from a service account that has the correct role and privileges. Reference Tenable instructions
here.
Step 3: Enter Keys and Secrets
In the Keys tab of the Tenable connector, enter the following values:
-
tenableUrl: typically https://cloud.tenable.com (if you are using Tenable FedCloud, use the appropriate URL).
-
tenableAccessKey: the access key generated from your Tenable service account.
-
tenableSecretKey: the secret key generated from your Tenable service account.
When all required values are entered correctly, you will see a Secrets Complete confirmation.
Step 4: Schedule a Job
-
Go to the Scheduler tab.
-
Select a job type from the dropdown. Options include:
a. Query Vulnerabilities: pulls vulnerability data from Tenable.
b. Sync Findings: imports findings from Tenable into RegScale.
c. Sync Assets: imports assets from Tenable into RegScale.
d. Sync Assets and Vulnerabilities: imports both assets and vulnerabilities in a single job.
e. Sync Assets, Vulnerabilities, and Controls: imports assets, vulnerabilities, and compliance controls together.
-
Enter a Job Name.
-
Set the Execution Date and choose a Cadence (such as once, hourly, daily, weekly, or monthly).
-
Enter the RegScale SSP ID so that data syncs into the correct System Security Plan.
-
Add optional parameters, such as tags to filter the scope of the job.
-
Click Schedule Job to start.
Step 5: Monitor Jobs
- Go to the Jobs tab in the Tenable connector.
- Review the list of jobs, which shows:
- Scheduled jobs.
- Jobs in progress.
- Completed jobs with success confirmation.
- Failed jobs with error details.
- Use this tab to track and confirm whether your scheduled jobs ran as expected.
Step 6: Troubleshooting
-
If a job shows Unauthorized, verify that your Tenable Access Key and Secret Key are correct.
-
If a job shows Forbidden, confirm that your Tenable service account has sufficient permissions.
Updated 8 days ago