The Nessus integration allows Chariot to ingest vulnerability data directly from your Nessus Professional deployment, providing a unified view of your security posture. The Nessus integration with Chariot offers two flexible methods for incorporating vulnerability data into your security program: continuous API integration and point-in-time file imports.
Through the API integration, Chariot continuously synchronizes with your Nessus Professional deployment, providing real-time visibility into vulnerability scan results. This allows for automated, ongoing monitoring of your security posture without manual intervention.
For organizations that prefer periodic assessments or have air-gapped environments, Chariot also supports importing Nessus scan results directly from exported files. This enables teams to perform point-in-time analysis or maintain security data in environments with restricted network access.
Both methods enable Chariot to track and analyze vulnerabilities across your assets while maintaining the context of their severity and impact.
Continuous integration using the API
To enable the continuous integration between Chariot and Nessus, you'll need to generate API credentials from your Nessus Professional instance.
Generating Nessus API Keys
Users must create an API key in Nessus. Make sure you have administrator access to the Nessus Professional portal. To generate an API key:
- In Tenable Nessus, in the top navigation bar, click Settings. The About page appears.
- In the left navigation bar, click My Account. The My Account page appears.
- Click the API Keys tab.
- Click Generate. A dialog box appears, confirming your selection to generate a new API key. Your new API key appears.
Note: After clicking the Generate button, a warning window notifies you that any previously generated keys will no longer be valid once new API keys are generated.
Notice: API keys are only displayed upon initial generation. Store them in a safe location, as they cannot be retrieved later and will need to be regenerated if lost.
Configuring the Integration in Chariot
Moving over to your Chariot instance, the integration process is straightforward. Look for the Integrations section in the left navigation menu - you'll find it under the Administration heading near the bottom.
Click on "Add Integration" to see all available integration options.
You can easily locate the Nessus integration either by using the search function or by browsing the Vulnerability Management section of the integration cards.
When you click "Connect" on the Nessus card, you'll see a configuration popup where you can enter:
- Nessus API URL - The API URL for your Nessus Professional instance. The expected format is https://ip:port or https://domain.tld:port. The default port used by Nessus Professional is 8834.
- Access key - Your 64-character Tenable access key.
- Secret key - Your 64-character Tenable secret key.
Once you've entered these details, Chariot connects to your Nessus instance. The integration will automatically:
- Pull scan results from Nessus scans
- Map discovered vulnerabilities to assets in Chariot
- Import vulnerability severity levels and details
- Track vulnerability proofs and outputs
- Associate port and protocol information with discovered services
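As an added preflight example (not Chariot's or Tenable's own code), the following Python validates the three fields described above before they are pasted into the popup and assembles the X-ApiKeys header that the Nessus REST API uses for key-based authentication. The hex-only key check is an assumption from the public Nessus API rather than from this page, and rejecting non-https URLs is a deliberate check so the secret key never travels in clear text.

```python
import re
from urllib.parse import urlsplit

DEFAULT_NESSUS_PORT = 8834  # default port of Nessus Professional (from the page)
KEY_RE = re.compile(r"^[0-9a-f]{64}$", re.IGNORECASE)  # assumption: keys are 64 hex chars


def normalize_api_url(raw: str) -> str:
    """Return https://host:port, adding the default port when none is given.
    Only https is accepted so the secret key is never sent in clear text."""
    parts = urlsplit(raw.strip())
    if parts.scheme != "https":
        raise ValueError("URL must start with https://")
    if not parts.hostname:
        raise ValueError("URL has no host")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("URL must be https://host:port with no path or query")
    host = parts.hostname
    if ":" in host:  # a bare IPv6 literal needs its brackets back
        host = f"[{host}]"
    return f"https://{host}:{parts.port or DEFAULT_NESSUS_PORT}"


def validate_key(label: str, value: str) -> str:
    value = value.strip()
    if not KEY_RE.match(value):
        raise ValueError(f"{label} must be exactly 64 hexadecimal characters")
    return value


def api_headers(access_key: str, secret_key: str) -> dict:
    """Build the X-ApiKeys header the Nessus REST API uses for key-based auth."""
    return {
        "X-ApiKeys": f"accessKey={validate_key('Access key', access_key)}; "
                     f"secretKey={validate_key('Secret key', secret_key)}",
        "Accept": "application/json",
    }


def config_errors(raw_url: str, access_key: str, secret_key: str) -> list:
    """Report every problem with the three form fields, not just the first one."""
    checks = [lambda: normalize_api_url(raw_url),
              lambda: validate_key("Access key", access_key),
              lambda: validate_key("Secret key", secret_key)]
    errors = []
    for check in checks:
        try:
            check()
        except ValueError as exc:  # a non-numeric port also surfaces here
            errors.append(str(exc))
    return errors
```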
Importing Nessus Scan Results
Chariot allows you to import scan results directly from Nessus. Here's how to import your scan data:
Importing your Nessus scan data starts in your Nessus console. Once you log in, you will see "My Scans". This shows the scans that are available for export.
Clicking on export will open the following:
Choose the CSV option and click Generate Report. This will produce a .nessus file.
Moving over to your Chariot instance, the integration process is straightforward. Look for the Integrations section in the left navigation menu - you'll find it under the Administration heading near the bottom.
Click on "Add Integration" to see all available integration options.
You can easily locate the Nessus integration either by using the search function or by browsing the Vulnerability Management section of the integration cards.
When you click "Connect" on the Nessus card, you'll see a configuration popup where you can either drag and drop the .nessus export file or click Choose Files to select it from your local system:
When you upload the file, Chariot processes the scan data comprehensively. It extracts all the key information about your assets, including both IP addresses and fully qualified domain names (FQDNs). The system analyzes each vulnerability finding, capturing details like risk levels, technical specifications, and proof of findings. To keep things focused on actionable items, Chariot automatically filters out informational findings.
After processing completes, you'll find all your imported data in your Chariot account. Each vulnerability is presented with its risk rating, a synopsis of the issue, and the technical evidence captured during the scan. This gives you a clear view of your security posture based on the Nessus scan results.
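As an added example (not Chariot's own import code), the following Python performs the same extraction over a constructed .nessus file: it joins each ReportItem to its host's IP and FQDN from HostProperties, keeps port, protocol, risk factor, synopsis and plugin output as the proof, and drops severity-0 informational findings as Chariot does. The sample host values are constructed for illustration.

```python
import xml.etree.ElementTree as ET
# Constructed sample in the .nessus (NessusClientData_v2) layout; not a real scan export.
SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="sample">
    <ReportHost name="10.0.0.5">
      <HostProperties>
        <tag name="host-ip">10.0.0.5</tag>
        <tag name="host-fqdn">web01.example.internal</tag>
      </HostProperties>
      <ReportItem port="443" protocol="tcp" svc_name="www" pluginID="10107"
                  pluginName="HTTP Server Type and Version" severity="0">
        <risk_factor>None</risk_factor>
        <synopsis>A web server is running on the remote host.</synopsis>
        <plugin_output>The remote web server type is: nginx</plugin_output>
      </ReportItem>
      <ReportItem port="443" protocol="tcp" svc_name="www" pluginID="51192"
                  pluginName="SSL Certificate Cannot Be Trusted" severity="2">
        <risk_factor>Medium</risk_factor>
        <synopsis>The SSL certificate for this service cannot be trusted.</synopsis>
        <plugin_output>The certificate chain is self-signed.</plugin_output>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""


def parse_nessus(xml_text: str, drop_informational: bool = True) -> list:
    """Return one finding per ReportItem, joined to its host's IP and FQDN."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        # HostProperties tags carry the resolved identity of the scanned host
        props = {t.get("name"): (t.text or "").strip() for t in host.iter("tag")}
        for item in host.iter("ReportItem"):
            severity = int(item.get("severity", "0"))
            if drop_informational and severity == 0:
                continue  # severity 0 is informational; Chariot filters these out
            findings.append({
                "ip": props.get("host-ip", host.get("name")),
                "fqdn": props.get("host-fqdn"),
                "port": int(item.get("port", "0")),
                "protocol": item.get("protocol"),
                "plugin_id": item.get("pluginID"),
                "name": item.get("pluginName"),
                "severity": severity,
                "risk": item.findtext("risk_factor"),
                "synopsis": item.findtext("synopsis"),
                "proof": item.findtext("plugin_output"),
            })
    return findings
```

Exports you generated yourself are fine with the standard-library parser; for .nessus files received from elsewhere, parse them with defusedxml to guard against entity-expansion attacks.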
If you find a topic that you would like discussed in detail, or need further assistance, please let us know at support@praetorian.com!