Tenable SC Connector

TenableSC (formerly Tenable SecurityCenter) is a vulnerability assessment solution that provides insight into the security posture of your distributed and complex IT Infrastructure.

 

Use the TenableSC Connector to import your vulnerability scan information into Kenna to assist you in reducing risk across your environment.

User Prerequisites/TenableSC Connector Setup

  • Given the on-premise nature of Tenable.sc, you must have the Kenna Virtual Tunnel deployed in the same network as your Tenable scanner to allow Kenna to connect with Tenable.sc. The Kenna agent does not currently support TenableSC, but may do so in the future.

  • Must have API access

  • User role must be a “Security Manager”

 

Configuring your TenableSC Connector in Kenna

Navigate to the Connectors tab in your Kenna deployment (you must be a Kenna Administrator).

tnb_sc.png

 

Once you select the TenableSC icon from the Kenna Connectors page, you will see a screen like this:

image1.png
  • Enter a name for the connector

  • Enter the username/password for the Security Manager level account

  • Enter the Host information for your scanner. When entering the host IP and port, there is no need to prefix with https:// as it is not required. 

    • Examples: securitycenter.company.com:443 or 10.0.0.1:443
  • Select the frequency that you want to run your Kenna TenableSC Connector

  • Check the box for “Use Kenna Virtual Tunnel”

  • Save and Verify

Note: There are no plans to support 2FA for connector credentials. The Kenna platform itself currently supports 2FA using Duo Security.

Note: At this time you can also select an Asset Inactivity Limit for the Connector. You are not required to do so, and if you do not, the Global Asset Inactivity Limit will apply. 

 

What TenableSC items are turned into Kenna Tags?

The following metadata from TenableSC will be converted into tags within Kenna. These tags can be used during search queries or to create Risk Meter groups.

  • Tags

  • Groups

  • Owner (combines Firstname + Lastname)

Vulnerability Date Information

Within Kenna you will notice several dates in the Vulnerabilities tab. When importing your TenableSC data the following criteria are used to populate those date fields.

  • “Found” within Kenna is when the scanner first found the vulnerability

  • “Last Seen” within Kenna is the most recent date the TenableSC scanner found the vulnerability

  • “Created” within Kenna is the date the vulnerability was first imported to Kenna

 

Optional Settings

The following settings can be enabled on the backend for TenableSC Connectors. To get these settings enabled or for more information, please contact Support, or your Customer Success Engineer.

  • Include Informationals

    • TenableSC excludes Informational vulnerabilities for performance reasons. When this option is enabled, non-CVE vulnerabilities will be imported. This includes X509 Cert expirations, TLS out-of-date (TLS 1.0, 1.1), Open Port Re-checks, Firewall Rule Enumeration, etc.

  • Skip Tags

    • This setting will allow you to NOT create any Tags within Kenna based on the TenableSC metadata.

  • Ignore Scanner Last Seen Time

    • If you do not want the asset last seen time in Kenna to be the scanner reported last seen time.

  • Tag Reset

    • This setting will assist in keeping your TenableSC metadata in sync with Kenna. Each time the connector is run, ALL tags within Kenna will be removed and the TenableSC tag metadata re-created.

    • If you have created any manual tags OR any tags were created off of metadata from other connectors that tag info will be removed and will be refreshed once those other connectors are rerun.

  • Custom Ordered Locators

    • Locators (IP, Netbios, FQDN, etc) can be reordered to better deduplicate vulnerabilities on the Connector level or the entire Platform level. For more information see the help article here.

 

Additional Assistance

Please contact Kenna Support should you require any additional assistance with the Tenable SC Connector.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.