Skip to main content

Integrate Internal Security with Tenable.io

Mark Glinski
  • Updated

In this article:

    Take the following integration steps to provide ISS Internal Security with necessary information to communicate with your Tenable.io vulnerability management solution.

    When integrated, Internal Security extracts the following information from Tenable.io:

    • Network details
    • Asset details
    • Agent group details
    • Scan information

    Prepare for your integration

    Before configuring the integration do the following:

    1. To enable communication with Internal Security, add the IP address  54.88.49.59  to your allowlist.
    2. Install Internal Security from Integrate360°: Marketplace. See ISS Internal Security module for guidance. 
    3. Make sure you have administrative permissions in Tenable.io or access to an administrator.

    The Internal Security integration requires the following configuration values:

    Setting Description
    Access token (API access key) One of a pair of tokens that authorizes a user to perform the GET request
    Secret token
    (API secret key)

    One of a pair of tokens that authorizes a user to perform the GET request
    Note: Contact your internal Support or Engineering team if you are unable to provide the information required for this integration.

    Step 1: Create an API key access key and secret key

    Create keys that will provide Internal Security with read-only access to Tenable.io data:

    1. Log into Tenable, and click the three horizontal bars in the top-left corner of the home page to pull out the left navigation pane. Then, and click Settings in the pane.

      tenable-pull-drawer.png

      iss-tenable-login.png

    2. In settings, select My Account.

      iss-tenable-account.png

    3. In the API Keys tab of your account page, click Generate.

      iss-tenable-gen-key.png
      Note: If you already generated a key, a warning appears. Click Continue to replace any keys and revoke authorization for any applications using them. If you previously configured a key for Internal Security, you will need to replace it with the new key in the following step

      iss-tenable-key-warning.png
    4. Copy the generated keys for use in the next step. Then, click Close.

      iss-tenable-copy-key.png

    Step 2: Add a Tenable.io integration in Internal Security

    Provide Internal Security with the required information for communicating with Tenable.io:

    1. In your Scorecard header, select the Internal Security tab. Then, select Internal Security again.

      iss-iss-internal-security-tab.png

    2. Click Add integrations.
    3. Select Tenable.io from the drop-down list.
    4. Enter the required information from the preceding step and then click Save Configuration:
      • The access token (API key in Tenable.io) 

      • The secret token (secret key in Tenable.io)


        iss-tenable-ssc-settings.png

    Your new integration appears in a table on the Internal Security page. Start viewing your Internal Security score and findings within 24 hours.

    iss-internal-integrations-list-tenable.png

    Note: Internal Security starts to provide data within 24 hours for each new integration as it syncs with SecurityScorecard's scanning and scoring cycles. 

    Documents and resources

    Related articles