Tenable Nessus
This CLI is able to sync assets, scans and vulnerabilities from a folder containing Tenable Nessus files.
nessus
- Import a folder of Nessus files and sync assets, vulnerabilities and scans to RegScale.
Nessus Processing Workflow
The CLI will process each Nessus file and load assets, vulnerabilities and scans to RegScale.
- The user first logs into RegScale via the CLI to set the access token, or otherwise creates a service account as described in the CLI Login documentation.
import_nessus
- Import Nessus scans and assets to RegScale.
update_cpe_dictionary
- Manually update the CPE 2.2 dictionary from NIST.
- The user provides the RegScale SSP ID# and the folder path to the Nessus files.
nessus
- The primary function of this integration: parse and load Nessus data to RegScale.
Required parameters
regscale_ssp_id
- The ID number from RegScale of the System Security Plan, required.
folder_path
- The full folder path where the Tenable Nessus files are located.
Additional Information:
- If any vulnerabilities are reported by the Nessus scan, the CLI will create an issue with the vulnerability plugin name and link all assets related to this vulnerability to the issue description. The issue will have the Security Plan as the parent module.
- Software inventory will be populated for a given asset if a CPE tag exists for that asset in the Nessus report.
- Issues will be created based on vulnerabilities reported in the Tenable Nessus datasets for any vulnerability with a severity level higher than "low".
- Issues will be closed when vulnerabilities are no longer reported on the affected assets.
The CLI provides detailed logging throughout the process to indicate progress and to provide troubleshooting in case of issues.
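The rules listed under Additional Information, applied to a small constructed .nessus file. This is an added example, not RegScale CLI code; summarize and hosts_to_close are hypothetical names. It assumes "higher than low" means a Nessus numeric severity above 1, that host CPEs appear as cpe-N tags under HostProperties, and that closing is decided per plugin and host.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the .nessus (NessusClientData_v2) layout; all values made up.
SAMPLE = """<NessusClientData_v2><Report name="constructed-scan">
<ReportHost name="10.0.0.5"><HostProperties>
<tag name="cpe-0">cpe:/o:canonical:ubuntu_linux:20.04</tag>
<tag name="cpe-1">cpe:/a:openbsd:openssh:8.2</tag>
</HostProperties>
<ReportItem pluginID="100001" pluginName="Example TLS Weak Cipher" severity="2" port="443"/>
<ReportItem pluginID="100002" pluginName="Example Banner Disclosure" severity="1" port="22"/>
</ReportHost>
<ReportHost name="10.0.0.6"><HostProperties><tag name="host-ip">10.0.0.6</tag></HostProperties>
<ReportItem pluginID="100001" pluginName="Example TLS Weak Cipher" severity="2" port="443"/>
<ReportItem pluginID="100003" pluginName="Example Scan Info" severity="0" port="0"/>
</ReportHost>
</Report></NessusClientData_v2>"""

LOW = 1  # Nessus severity scale: 0 info, 1 low, 2 medium, 3 high, 4 critical


def summarize(nessus_xml):
    """Return (issues, inventory): plugin name -> hosts, and host -> CPE list."""
    # ElementTree is fine for this inline sample; use defusedxml for untrusted files.
    root = ET.fromstring(nessus_xml)
    issues, inventory = defaultdict(set), {}
    for host in root.iter("ReportHost"):
        name = host.get("name")
        # Software inventory only exists for hosts that carry CPE tags.
        cpes = [t.text for t in host.iter("tag")
                if t.get("name", "").startswith("cpe") and t.text]
        if cpes:
            inventory[name] = cpes
        for item in host.iter("ReportItem"):
            # Assumption: "higher than low" means numeric severity above 1.
            if int(item.get("severity", "0")) > LOW:
                issues[item.get("pluginName")].add(name)
    return {k: sorted(v) for k, v in issues.items()}, inventory


def hosts_to_close(previous, current):
    """Per plugin, hosts affected in the previous result but absent from the current one."""
    gone = {p: sorted(set(h) - set(current.get(p, []))) for p, h in previous.items()}
    return {p: h for p, h in gone.items() if h}


if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Running the same summary over a folder before an import shows which findings will become issues and which hosts lack CPE data for software inventory.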
Example Commands
Import Nessus scans to SSP #16 in RegScale using the files located in the test_data folder.
regscale tenable nessus import_nessus --regscale_ssp_id 16 --folder_path /home/bryan/Sync/regscale/regscale-cli/tests/test_data