In this article you will find:
How to configure Tenable.io WAS in Vulcan platform
How to pull asset and vulnerabilities from Tenable.io WAS into Vulcan platform
How does Vulcan determine that a Tenable.io WAS Vulnerability has been fixed?
Vulcan's Tenable.io connector requires a dedicated Administrator user role dedicated for Vulcan's Tenable.io connector (Settings --> Users --> New User)
The user info in this manual is only for manual purposes. You can fill your user info or choose an existing user with proper permission.
2. How to configure Tenable.io WAS in Vulcan platform
In the Connectors page, click on Add a Connector.
Click on the Tenable.io WAS connector
Fill all relevant fields:
Server URL - URL of your Tenable.io account
For example: https://cloud.tenable.com
API Key - Key in order to communicate with Tenable.io API
API keys are per account - Create them with the Vulcan user (as defined in pre-requisite)
Secret Key - Key in order to communicate with Tenable.io API
Secret key is generated along with the API key.
Click on Create.
Once the connector is Connected you can start working with it.
3. How to pull asset and vulnerabilities from Tenable.io WAS into Vulcan platform
Tenable.io WAS connector create Website out of each Application and correlate Vulnerabilities that are associated with each one of them.
Under Assets --> Websites, new assets from your Tenable.io WAS will be added to Vulcan.
Each Application will be displayed as a Site in Vulcan, while all its related vulnerabilities will be associated with it.
Click on an asset to view its Asset Card.
All the vulnerabilities found by Tenable.io WAS will be displayed under the Vulnerabilities tab
All the relevant data from Tenable.io WAS is pulled and can be viewed under the Details tab.
4. How does Vulcan determine that a Tenable.io WAS Vulnerability has been fixed?
Tenable.io WAS only reports information on an asset-vulnerability if it is actively present and vulnerable on a specific asset. Because of this, the remediation status of a vulnerability is determined by its presence in the sync data; meaning that Vulcan recognizes a vulnerability as fixed only when the Tenable.io WAS connector syncs and the new data does not contain the specific asset-vulnerability.