- Visualize Tenable.io users, scans, findings, reports, vulnerabilities, and container findings in the JupiterOne graph.
- Map Tenable.io users to employees in your JupiterOne account.
- Monitor Tenable vulnerabilities and findings within the alerts app.
- Monitor changes to Tenable.io users, scans, findings, reports, vulnerabilities, and container findings using JupiterOne alerts.
- JupiterOne periodically fetches Tenable.io users, scans, findings, agents, and vulnerabilities to update the graph.
- Write JupiterOne queries to review and monitor updates to the graph.
- Configure alerts to reduce the noise of findings.
- Configure alerts to take action when the JupiterOne graph changes.
- JupiterOne requires an access key and secret key used to authenticate with Tenable.io.
- You must have the Tenable Administrator role for a successful integration.
- You must have permission in JupiterOne to install new integrations.
If you need help with this integration, please contact JupiterOne Support.
- Make sure the account you use to integrate has the Administrator role.
- Click the hamburger icon in the top left corner to open the left pane.
- Navigate to Settings
- Click My Account
- On the left side, click API Keys
- In the bottom right corner click Generate
- Copy your Access Key and Secret Key into the respective fields in the JupiterOne Tenable.io integration setup.
- From the top navigation of the J1 Search homepage, select Integrations.
- Scroll to the Tenable.io integration tile and click it.
- Click the Add Configuration button and configure the following settings:
- Enter the Account Name by which you'd like to identify this Tenable.io
account in JupiterOne. Ingested entities will have this value stored in
tag.AccountName
when Tag with Account Name is checked. - Enter a Description that will further assist your team when identifying the integration instance.
- Select a Polling Interval that you feel is sufficient for your monitoring
needs. You may leave this as
DISABLED
and manually execute the integration. - Enter the Access Key used to authenticate with Tenable.io.
- Enter the Secret Key associated with the access key.
- Click Create Configuration once all values are provided.
- From the top navigation of the J1 Search homepage, select Integrations.
- Scroll to the Tenable.io integration tile and click it.
- Identify and click the integration to delete.
- Click the trash can icon.
- Click the Remove button to delete the integration.
The following entities are created:
Resources | Entity _type |
Entity _class |
---|---|---|
Account | tenable_account |
Account |
Agent | tenable_agent |
HostAgent |
Asset | tenable_asset |
Record |
Compliance Finding | tenable_compliance_finding |
Finding |
Container Finding | tenable_container_finding |
Finding |
Container Image | tenable_container_image |
Image |
Container Malware | tenable_container_malware |
Finding |
Container Report | tenable_container_report |
Assessment |
Container Repository | tenable_container_repository |
Repository |
Container Unwanted Program | tenable_container_unwanted_program |
Finding |
Service | tenable_scanner |
Service |
User | tenable_user |
User |
Vulnerability | tenable_vulnerability_finding |
Finding |
The following relationships are created:
Source Entity _type |
Relationship _class |
Target Entity _type |
---|---|---|
tenable_account |
HAS | tenable_agent |
tenable_account |
HAS | tenable_asset |
tenable_account |
HAS | tenable_container_image |
tenable_account |
HAS | tenable_container_repository |
tenable_account |
HAS | tenable_user |
tenable_account |
PROVIDES | tenable_scanner |
tenable_agent |
PROTECTS | tenable_asset |
tenable_asset |
HAS | tenable_compliance_finding |
tenable_asset |
HAS | tenable_vulnerability_finding |
tenable_container_image |
HAS | tenable_container_finding |
tenable_container_image |
HAS | tenable_container_malware |
tenable_container_image |
HAS | tenable_container_report |
tenable_container_image |
HAS | tenable_container_unwanted_program |
tenable_container_report |
IDENTIFIED | tenable_container_finding |
tenable_container_report |
IDENTIFIED | tenable_container_malware |
tenable_container_report |
IDENTIFIED | tenable_container_unwanted_program |
tenable_container_repository |
HAS | tenable_container_image |
tenable_scanner |
SCANS | tenable_container_image |
The following mapped relationships are created:
Source Entity _type |
Relationship _class |
Target Entity _type |
Direction |
---|---|---|---|
tenable_asset |
IS | *aws_instance* |
FORWARD |
tenable_asset |
IS | *azure_vm* |
FORWARD |
tenable_asset |
IS | *google_compute_instance* |
FORWARD |
tenable_vulnerability_finding |
HAS | *aws_instance* |
REVERSE |
tenable_vulnerability_finding |
HAS | *azure_vm* |
REVERSE |
tenable_vulnerability_finding |
HAS | *google_compute_instance* |
REVERSE |
tenable_vulnerability_finding |
IS | *cve* |
FORWARD |