Tenable Security Center Integration Guide

Copy

• Copy for LLM

  Copy page as Markdown for LLMs
• View as Markdown

  Open this page as Markdown
• Open in ChatGPT

  Get insights from ChatGPT
• Open in Claude

  Get insights from Claude

This guide walks you through creating a Tenable Security Center (SC) integration.

Version note: API key authentication requires Tenable Security Center 5.13.x or later. The exact navigation paths below reflect the 6.x UI — earlier versions may present these settings in a different location, but the concepts are the same.

Prerequisites

An Administrator must enable API key authentication at the system level before any user can generate API keys.

Enable API Key Authentication (Administrator only)

1. Log in to Tenable Security Center as an Administrator.
2. In the left navigation, go to System → Configuration.
3. Click the Security tile.
4. In the Authentication Settings section, enable the Allow API Keys toggle.
5. Click Submit.

This only needs to be done once. If API keys are already enabled in your environment, skip to the next section.

Create a Service Account for the Integration

We recommend using a dedicated service account rather than a personal user account for production integrations.

1. Log in as an Administrator or Security Manager.
2. Navigate to Users → Users.
3. Create a new organizational user with the Vulnerability Analyst role at minimum.
   • In Tenable’s User Roles documentation, Vulnerability Analyst may view security data, share objects, view logs, and use tickets — typically enough for this integration’s read-only use of vulnerability and asset data through the analysis API. If your org has customized those role permissions, you may need to adjust them or choose a different role.
   • Security Analyst is more capable than Vulnerability Analyst (Tenable: all organization-level actions except managing groups and users, including tasks like freeze windows and plugin updates). Use it only if Vulnerability Analyst hits permission errors or your policy requires that tier for integration accounts.
4. Assign the user to the appropriate repository so it has access to the vulnerability data you want to sync.

Generate API Keys

1. Navigate to Users → Users.
2. Right-click the row for the service account you created (or select its checkbox).
3. From the actions menu, click API Keys → Generate API Key.
4. Confirm by clicking Generate.
5. Copy both the Access Key and Secret Key and store them securely.

Important: The secret key is only shown once. If you lose it, you must generate new keys, which will invalidate the previous ones.

Configure the Integration

Create your integration by supplying all configuration values.

Base URL:
The URL of your Tenable Security Center instance (e.g. https://tenablesc.example.com)

API Keys (Secret):
accesskey=<access-key>; secretkey=<secret-key>;

Copy the keys from the step above. Note the format: lowercase field names, = separators, and semicolons after each value.