Set up the Tenable connector

With Tenable, businesses identify and mitigate vulnerabilities across networks, systems, and applications. By integrating Tenable, Veracode Risk Manager (VRM) leverages its insights to recommend the best next actions for your security teams, ensuring seamless alignment with your broader tool stack and promoting a unified, strategic approach to security management.

Complete the following tasks to set up your VRM connector for Tenable.

Create Tenable API keys

Before you begin:

Ensure your Tenable user account has the CanView permission for all assets. To check your permissions in Tenable, select My Account > Permissions.

To complete this task:

1. Log in to your Tenable account.

2. Select My Account > API Keys.

   

3. Select Generate. The page displays the generated custom API keys.

4. Copy the access key and secret key to a secure location. You will not be able to view them again after you leave the page.

Create a VRM connector

1. In VRM, from the left navigation menu, select the Settings icon .
2. Select Add Connector.
3. Select the Tenable tile.
4. Enter a name for the connector.
5. For API Key, paste the access key you generated in Tenable.
6. For Secret, paste the secret key you generated in Tenable.
7. If you want to pull findings from an on-premises Tenable instance, replace the default endpoint URL with the URL of the on-premises instance.
8. Select Add Connector.

Validate your data

After successfully connecting the Tenable Connector within VRM, it will take some time for VRM to fetch the findings.

After the connector has completed the fetch, validate that VRM correctly ingested the data.

1. In VRM, select Findings from the left navigation menu.
2. Select the Findings Source filter and select Tenable.

The Findings table lists the Tenable vulnerability findings.