Tenable Nessus
What is Tenable Nessus?
Tenable Nessus is a vulnerability scanning platform for auditors and security analysts. Tenable Nessus pushes updated definitions to systems every day.
For more information about Tenable and Lucidum, see https://lucidum.io/tenable/.
Why Should You Use the Tenable Nessus Connector?
The Tenable Nessus connector provides visibility into current vulnerabilities in your environment. You can use this visibility to:
ensure assets are managed per your security policies
find vulnerabilities quickly and remediate
How Does This Connector Work?
Lucidum executes read-only requests to the Tenable Nessus REST API and ingests only meta-data about Tenable Nessus assets. Lucidum does not retrieve any data stored on your assets.
Configuring the Connector in Lucidum
Field | Description | Example |
|---|---|---|
Host | The hostname or IP address of the Tenable Nessus server. | |
Access Key | An API Access Key associated with a user account that has the read permissions to fetch Tenable data | ******************* |
Secret Key | An API Secret Key associated with a user account that has the read permission to fetch Tenable data | ******************* |
Verify SSL | For future use. | N/A |
Source Documentation
Creating Credentials
To create a user, Access Key, and Secret Key, see https://community.tenable.com/s/article/An-introduction-to-the-Nessus-API-generating-session-tokens-and-API-keys
Required Permissions
The user you create for Lucidum requires the following permissions:
Asset - Read
For details, see https://cybercns.atlassian.net/wiki/spaces/Verison2/pages/1635057677/Roles