Tenable.sc
  • 2 Minutes to read
  • PDF

Tenable.sc

  • PDF

Article summary

About this document


This document provides the step-by-step procedure to configure Tenable.sc in SAFE.

Pre-requisites


  • You must install an on-prem Site Coordinator (SC) for the SAFE instance on which you want to configure the Tenable.sc. To install a Site Coordinator, refer to Installing Site Coordinator.
  • To configure the Tenable.sc integration, you need the following details:
Note 

The SAFE - Tenable.sc integration can support upto 10,000 host assets.

Hardware Requirements


  • For an existing Site Coordinator, we recommend assigning an additional 4 GB RAM before configuring Tenable.sc.
  • For a new Site Coordinator deployment with Tenable.sc integration, we recommend:
    • 4 Core CPU
    • 8 GB RAM
    • 50 GB disk storage

[Optional] Identifying Tenable.sc Asset Tag IDs to use as a filter

The SAFE-Tenable.sc integration allows users to specify the Tenable.sc Asset Tag IDs as filters for pulling selective assets and their related VA results from Tenable.sc. This allows SAFE to get selective information from Tenable.sc.

Get the Asset Tag IDs

Get the Asset Tag IDs from Tenable.sc as follows:

  1. Log in to Tenable.sc.
  2. Click Assets available at the top navigation bar.
    1(1)
  3. On the Assets page, click the Asset for which you want the Asset ID.
  4. On the Asset page, for some of the Asset Types, you can get the Asset ID from the page itself. But if the Asset ID is not available on the page, refer to the individual asset page URL; Asset ID would always be present at the end of URL.
    2(1)For example, In the below screenshot, the Asset ID is 1237.
    3(1)

Configure Tenable.sc


On SAFE

Important

Some steps while configuring Tenable.sc are needed to be performed by the SAFE support team. Please get in touch with the SAFE support team to assist you.

On Site Coordinator

  1. Ensure you have the latest install-site-coordinator.sh script present on SC. This step is not required if it's a fresh SC installation
    For an already existing SC setup, download the script from the SAFE instance; SAFE_URL is the SAFE dashboard’s URL:
    curl -o install-site-coordinator.sh https://<SAFE_URL>/download-scripts/install-site-coordinator.sh
    Note: SAFE_URL is the SAFE dashboard’s URL
    5(1)
  2. For fresh installation of tenable.sc connector image version <version>, execute the following command:
    sh install-site-coordinator.sh --connector:tenablesc <version>
    The script will prompt for inputs, and answering them will help you configure tenable.sc assessment.
    The below screenshot provides an example of the installation.
    6(1)

Upgrade Tenable.sc integration


For an already existing tenable.sc integration if there is a new update available. The integration can be upgraded to the new version by executing the following command
sh install-site-coordinator.sh --connector:tenablesc <version> --update

View results of Tenable.sc Assessments


After a successful sync of Tenable.sc integration, the Tenable.sc assets are automatically imported to SAFE. These assets can be viewed in SAFE on the Technology > Assets page. The vulnerabilities imported from Tenable.sc will be present against these assets.

FAQs


1. Will the severity of a vulnerability in SAFE be updated if it's changed in Tenable.sc?

If you change the severity of a vulnerability in Tenable.sc, it will only update in SAFE if the change was made after the two applications were last synced. Once they sync up again, the new severity will appear in SAFE.


Was this article helpful?

What's Next