Tenable.sc Integration with TEM

Tenable Security Center (also known as Tenable.sc) is an on-premises vulnerability management platform that provides comprehensive visibility into an organization’s security posture by collecting, analyzing, and visualizing vulnerability data from various network assets.

Threat Exposure Management (TEM) enhances Tenable.sc to correlate vulnerabilities with other controls and prioritize remediation of critical risks.

Integrating Tenable.sc with TEM

• Step 1 - Configuring the Tenable Security Center Portal

• Step 2 - Configuring the TEM Portal

Step 1 - Configuring the Tenable Security Center Portal

To integrate Tenable.sc with TEM, you need to create a dedicated API for TEM with the required permissions using a Security Manager account.

Procedure:

1. Log in to Tenable Security Center portal as a user with Security Manager privileges.

2. On the left menu, navigate to Users and click Roles.

   

3. Go to the Roles tab and click Add.

   

   The Add Role page appears.

4. In the Name field, enter a name for the role.

   

5. In Host Assets Permissions, enable the View Host Assets permission.

   

6. Click Submit.

7. Go to the Users tab and click Add.

   

   The Add User page appears.

8. Enter these details:

   1. Username – Veriti

   2. Password - Enter a password.

   3. In the Membership section:

      1. From the Role list, select the role you created in step 3.

      2. From the Group list, select Full Access.

      

9. Click Submit.

   The system creates a user.

10. In the Users table, right-click the row of the user you created and select Generate API Key.

    

11. Click Generate.

    The Your API Key window appears.

    

12. Copy and save the values in Access Key and Secret Key.

Step 2 - Configuring the TEM Portal

1. Log in to the TEM portal.

2. Go to Settings > Integrations > Catalog and select Tenable Security Center.

   

   The Tenable Security Center pop-up appears.

3. Go to the Connection tab and enter these details:

   

   1. In the Connection Name field, enter a unique name to identify the integration.

   2. In the API Access Key field, enter the Access Key generated in the Tenable Security Center portal.

   3. In the API Secret Key field, enter the Secret Key generated in the Tenable Security Center portal.

   4. In the Host field, enter the hostname or IP address of the Tenable Security Center portal.

   5. In the Port field, enter the port number used for the connection.

4. Click Connect.