Tenable VM

Written By Dan Crawford

Last updated 6 days ago

The Tenable VM integration in PGP provides continuous visibility into your organization's vulnerability posture by connecting directly with your Tenable.io Vulnerability Management instance. This integration automatically discovers assets and vulnerabilities from your Tenable.io scans, incorporating them into PGP's continuous threat exposure management platform.

Key Features

  • Automated Asset Discovery: Automatically imports assets from Tenable.io scans into PGP
  • Vulnerability Analysis: Processes and imports vulnerability findings with detailed metadata
  • CVSS Score Integration: Maps Tenable severity ratings to PGP's risk framework using CVSS scores
  • Real-time Updates: Continuously monitors for new scan results and findings
  • Smart Deduplication: Intelligently consolidates duplicate findings across multiple scans

Prerequisites

Before setting up the Tenable VM integration, you'll need:

  1. An active Tenable.io account with administrative access
  2. API access keys from Tenable.io (Access Key and Secret Key)
  3. Access to your PGP instance

Setup Instructions

Set or Confirm Service Account Permissions

First, ensure appropriate API permissions are configured in Tenable.io:

Log in to your Tenable.io console and navigate to Settings > Access Control

Click on the Permissions tab.

Verify a permission exists with "Can View" for "All Assets"

If not, create the permission:

Click Create Permission

Set up permission to allow "Can View" for "All Assets"

Assign to appropriate users/groups

Click Save

Create Service Account in Tenable VM

Log in to your Tenable.io console and navigate to Settings to find the Access Control section.

In the Access Control section, click on Create User.

Configure the service account:

Add Name, Username, Email, and password

Set role to Standard User

Enable API Key Authentication Click Next

Add to user group (if desired)

Select the "Can View All Assets" permission

Click Save

Generate API Keys

In Access Control > Users, locate and click on the service account

Scroll to API Keys section

Click "More" to expand options

Click "Generate API Keys"

Click "Replace & Generate" to create new API keys

Copy and securely store both the Access and Secret keys

Configure PGP Integration

Log in to PGP and navigate to Integrations

Click Add Integration

Find Tenable VM under Vulnerability Management section

Click Connect

Configure the integration:

Enter Tenable VM URL

Enter Access Key

Enter Secret Key

Select Import preferences:

Import Assets; Enables import and scanning of all external assets

Import Vulnerabilities; Imports external vulnerabilities and associated assets

Once configured, PGP will import data daily based on your selected import settings.

For assistance with integration setup or optimization, contact our support team at support@praetorian.com.