Tenable VM Tenable VM

Tenable VM

The Tenable VM integration in Chariot provides continuous visibility into your organization's vulnerability posture by connecting directly with your Tenable.io Vulnerability Management instance. This integration automatically discovers assets and vulnerabilities from your Tenable.io scans, incorporating them into Chariot's continuous threat exposure management platform.

Key Features

  • Automated Asset Discovery: Automatically imports assets from Tenable.io scans into Chariot
  • Vulnerability Analysis: Processes and imports vulnerability findings with detailed metadata
  • CVSS Score Integration: Maps Tenable severity ratings to Chariot's risk framework using CVSS scores
  • Real-time Updates: Continuously monitors for new scan results and findings
  • Smart Deduplication: Intelligently consolidates duplicate findings across multiple scans

Prerequisites

Before setting up the Tenable VM integration, you'll need:

  1. An active Tenable.io account with administrative access
  2. API access keys from Tenable.io (Access Key and Secret Key)
  3. Access to your Chariot instance

Setup Instructions

Set or Confirm Service Account Permissions

First, ensure appropriate API permissions are configured in Tenable.io:

Log in to your Tenable.io console and navigate to Settings > Access Control

Click on the Permissions tab.

Verify a permission exists with "Can View" for "All Assets"

If not, create the permission:

Click Create Permission

Set up permission to allow "Can View" for "All Assets"

Assign to appropriate users/groups

Click Save

Create Service Account in Tenable VM

Log in to your Tenable.io console and navigate to Settings to find the Access Control section.

In the Access Control section, click on Create User. 

Configure the service account:

Add Name, Username, Email, and password

Set role to Standard User

Enable API Key Authentication
Click Next

Add to user group (if desired)

Select the "Can View All Assets" permission

Click Save

Generate API Keys

In Access Control > Users, locate and click on the service account

Scroll to API Keys section

Click "More" to expand options

Click "Generate API Keys" 

Click "Replace & Generate" to create new API keys

Copy and securely store both the Access and Secret keys

Configure Chariot Integration

Log in to Chariot and navigate to Integrations

Click Add Integration

Find Tenable VM under Vulnerability Management section

Click Connect

Configure the integration:

Enter Tenable VM URL

Enter Access Key

Enter Secret Key

Select Import preferences:

Import Assets; Enables import and scanning of all external assets

Import Vulnerabilities; Imports external vulnerabilities and associated assets

Once configured, Chariot will import data daily based on your selected import settings.

For assistance with integration setup or optimization, contact our support team at support@praetorian.com.

Articles in this section