In this article you will find:

  1. Pre-requisite

  2. How to configure connector in Vulcan platform

  3. How to pull assets and vulnerabilities from into Vulcan platform

  4. How to automate remediation actions with

1. Pre-Requisite

Vulcan's connector requires a dedicated Administrator user role dedicated for Vulcan's connector (Settings --> Users --> New User)

  • The user info in this manual is only for manual purposes. You can fill your user info or choose an existing user with proper permission.

  • The reason we need the Admin role is that we use the Export API, which is the only API Tenable allows us to use, and it requires Admin permissions (More info can be reviewed here).

Grant Vulcan user permissions to Target Groups (Scans --> Target Groups --> Select Target Group)

Grant Vulcan user permissions to Asset Groups (Scans --> Agents --> Agent Groups --> Select Asset Groups --> Permissions)

2. Configure Connector

In the Connectors page, click on Add a Connector.

Click on the connector

Fill all relevant fields:

Server URL - URL of your account

For example:

API Key - Key in order to communicate with API
API keys are per account - Create them with the Vulcan user (as defined in pre-requisite)

Secret Key - Key in order to communicate with API
Secret key is generated along with the API key.

Go to My Account --> API Keys --> Generate keys.

Note that API Keys only present upon initial generation, so it's important to store them in a safe location as hey cannot be retrieved and will need to be regenerated if lost.

We highly recommend Login to your Tenable account with the credentials you've provided.

Click on Create

  • You can see the connector's progress in the Log tab

3. Fetch assets and vulnerabilities from

In Assets --> Hosts, new assets from your account will be added to Vulcan

You can view in Sources the product that identified the asset
In addition, you have full visibility of vulnerabilities found on each specific asset and other important details about the asset (OS, last scan, tags and more) 

Tags are created based on the Agent Groups an host is associated with and related Tags as defined in

Click on an asset to view its Asset Card.

All the vulnerabilities found by will be displayed under the Vulnerabilities tab

All the relevant data from is pulled and can be viewed under the Details tab.

4. Automating Remediation Actions on

With Vulcan, you can automate remediation actions on specific assets.
Navigate to the Automation page, click on Create new Playbook.
Name your playbook. For example: “Remediate Tenable”
Add a description to your Playbook (optional)
Choose your Playbook’s trigger (Vulnerabilities to fix)

  • Vulnerability from a source – The connector from which we pull assets. For example: Vulnerabilities from source Tenable.

  • Vulnerability where – The rule which the playbook will be attached by. For example: Vulnerability where CVSS Score is greater than 7.

  • On assets where – The asset’s property you wish to be automated. For example: On assets where OS is Windows.

  • In this example, the vulnerability that will be fixed is any vulnerability with CVSS score higher than 7, which was found on assets with Windows OS, and that was discovered by Tenable connector.

Choose an action at Remediation actions to automate the process.
For example: Open ServiceNow ticket and assign it to the relevant team.


  • When there is no CVSS3 risk score from the Tenable connector or a 0 (zero) score, the platform falls back to the CVSS2 risk score and uses it as the scanner base risk score in the Vulcan Platform.

  • For fetching assets, we use the Export request (assets/export) and providing the following param to filter by date:

'updated_at': {self.DAYS-AGO}

  • Fetching vulnerabilities - Export request API (vulns/export) and providing the following param to filter by, per request (we do one for fixed status, and 1 for the rest):

filters = {'state': ['fixed'], 'last_fixed': DAYS-AGO)}

filters = {'state': ['open', 'reopened'], 'last_found': DAYS-AGO}

Bear in mind that can apply API limits as specified below. These limits are translated in Vulcan connector log as "Reason - API rate limit exceeded, please try again" error.

  • It can be Rate Limiting: performs rate limiting on API requests to ensure that all customers experience the same level of service. Based on the current processing load, calculates the number of API requests it can accept from a single user per minute.


  • Concurrency Limiting: There are maximum limits for concurrent export requests.

In both cases, returns an HTTP response message with a 429 (Too Many Requests) status code, and the response will include a retry-after header element to specify the number of seconds to wait before retrying.

Did this answer your question?