All Collections
Connectors
Importing Tenable WAS Data into Vulcan via Vulcan Report
Importing Tenable WAS Data into Vulcan via Vulcan Report
Updated over a week ago

Introduction

Due to the limitations of the Tenable WAS API and its lack of official support, Vulcan has discontinued the out-of-the-box Tenable WAS integration. This guide provides a workaround for importing Tenable WAS data into Vulcan using the Vulcan Report (ConnectX). By following these steps, you can effectively integrate Tenable WAS data into Vulcan, ensuring continuous monitoring and management of your web application vulnerabilities, even without the direct API support from Tenable.

Note: This guide assumes the user has basic familiarity with both Tenable WAS and Vulcan platforms. If you encounter any issues or have questions, please reach out to Vulcan support at support@vulcan.io.

About Vulcan Report Connector

The Vulcan ConnectX/Report Connector enables you to upload CSV, ZIP, XLS, and xlsx files from SAST/DAST and Vulnerability assessment tools that might not be supported yet by the existing Vulcan Connectors. On top of that, you can use the Vulcan Report Connector to upload Penetration Test files for asset data type Host or Website, depending on PT application type or infrastructure. Once you upload your data file and select the appropriate data type, the relevant mapping table appears on the connector screen. Then, you need to map the Headers in your file to the right Header/Field in the Vulcan Platform.

Steps

Step 1: Export Data from Tenable WAS

  1. In Tenable, navigate to the Findings section and select the Web Application Findings tab.

  2. Toggle to include/exclude Info severity findings and select the required time period of findings

  3. Configure Filters:

    • Finding State: Choose 'Active', 'Resurfaced', and 'New'.

    • Severity: Select the severity levels you want to include.

    • Risk Modify: Set to 'Not equal to Accepted'.

  4. Use the checkbox to select all findings. If there are multiple pages of findings, opt to "select all web application vulnerabilities."

  5. Export Data:

    1. Click the 'Export' button.

    2. In the panel that appears, select 'CSV' format.

    3. Choose the following fields to include in your export:

      • Asset ID

      • Asset Name

      • CVSSv2 base score and vector

      • CVSSv3 base score and vector

      • Family

      • Finding ID

      • First Seen

      • Last Seen

      • Plugin Description

      • Plugin ID

      • Plugin Name

      • Severity

      • Solution

      • VPR,

      • Vulnerability Published

Step 2: Import Data into Vulcan

  1. In Vulcan, navigate to Connectors and then select Add new.

  2. Select Vulcan Report as the connector type.

  3. Give the Connector an indicative name, such as "Tenable WAS Data - January 25".

  4. Click 'browse' to upload the file you exported from Tenable WAS.

Step 3: Configure the data mapping

  1. Data Type: Set to 'Websites (DAST)'.

  2. Fields Mapping: Once you select the Data Type, a dedicated Map Fields configuration is opened. Map out the headers fields in your file (left column) to the respective Vulcan fields (right column). You can also add custom values.

    Map the fields as described in the table below.
    Note: The mapping is configurable and can be modified. To do so, contact your Customer Success Manager.

Tenable WAS Fields

Vulcan Field

asset.display_ipv_address

Asset - Details

asset.id

Asset - Details

asset.name

Asset - Name

Asset - URL

definition.cvss2.base_score

Vulnerability - Details

definition.cvss2.base_vector

Vulnerability - Details

definition.cvss3.base_score

Vulnerabilities - Technical Severity

definition.cvss3.base_vector

Vulnerability - Details

definition.description

Vulnerability - Description

definition.family

Asset - Details

definition.id

Vulnerabilities - ID

definition.name

Vulnerability - Name

definition.solution

Solutions - Description

definition.vpr.score

Vulnerability - Details

definition.vulnerability_published

Vulnerabilities - Details

finding_id

Vulnerabilities - Unique Instance ID

first_observed

Vulnerabilities - Discovery Time

last_seen

Vulnerabilities - Details

severity

Vulnerabilities - Details

state

Asset - Details

Step 3: Review and Complete Import

  1. Review the fields and make sure the mapping is correct.

  2. Click Create.It usually takes several minutes for a file to complete the sync. Larger files take longer.

Step 4: Validate the Imported Data

Once the data import is complete, you can start reviewing it in the Vulcan Platform.

  1. Go to Assets > Websites.

  2. Filter by Connector Name to view the relevant assets.

  3. You should expect to see the imported assets and their relevant details.

    For example:

Did this answer your question?