Tenable.sc Executor

  • Category: Network and Vulnerability Scanners
  • Script: tenablesc.py
  • Integration: pyTenable SDK (tenable.sc)
  • Faraday Plugin: NessusPlugin
  • Website: https://www.tenable.com/products/tenable-sc

Description

Connects to an on-premise Tenable SecurityCenter (Tenable.sc) instance via the pyTenable SDK, retrieves completed scan results, exports them in Nessus format, and parses them into Faraday. Supports fetching specific scan IDs or all completed scans.

Prerequisites

  • Tenable SecurityCenter installed and accessible
  • API access key and secret key (generated in Tenable.sc > Users > Select user > API Keys)
  • Python package: tenable

Configuration

Environment Variables (Setup)

Variable | Required | Description
TENABLE_HOST | Yes | Tenable.sc server hostname or IP
TENABLE_ACCESS_KEY | Yes | API access key
TENABLE_SECRET_KEY | Yes | API secret key

Execution Arguments

Parameter | Type | Mandatory | Description
TENABLE_SCAN_ID | list | Conditional | JSON array of scan instance IDs to export
COMPLETED_SCANS | boolean | No | If set, fetch all completed scan instances

YAML Configuration Example

executors:
  tenablesc_import:
    repo_executor: tenablesc.py
    max_size: 65536
    varenvs:
      TENABLE_HOST: "sc.internal.local"
      TENABLE_ACCESS_KEY: "${TENABLE_ACCESS_KEY}"
      TENABLE_SECRET_KEY: "${TENABLE_SECRET_KEY}"
    params:
      TENABLE_SCAN_ID:
        mandatory: false
        type: list
        base: list
      COMPLETED_SCANS:
        mandatory: false
        type: boolean
        base: boolean

How It Works

  1. Authenticates with Tenable.sc using API keys
  2. If TENABLE_SCAN_ID is provided, retrieves those specific scan instances
  3. If COMPLETED_SCANS is set, retrieves all completed scan instances
  4. Exports each scan result in Nessus format (ZIP archive containing .nessus files)
  5. Extracts and parses each .nessus file through NessusPlugin
  6. Outputs combined Faraday JSON
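
Steps 2, 4 and 5 take an operator-supplied ID list and a server-supplied ZIP archive. The sketch below is an added example, not the executor's own code: it validates the TENABLE_SCAN_ID JSON array and reads the .nessus members of an export in memory with a size cap, never using member names as filesystem paths. The function names, the size cap, the treatment of scan instance IDs as decimal integers and the sample archive are assumptions made for illustration.

```python
import io
import json
import zipfile

MAX_NESSUS_BYTES = 256 * 1024 * 1024  # assumed per-file cap, not from the page


def parse_scan_ids(raw):
    """Parse TENABLE_SCAN_ID (JSON array) into integer scan instance IDs."""
    ids = json.loads(raw)
    if not isinstance(ids, list) or not ids:
        raise ValueError("TENABLE_SCAN_ID must be a non-empty JSON array")
    parsed = []
    for item in ids:
        text = str(item)
        # Assumption: IDs are plain decimal integers; reject anything else
        if not (text.isascii() and text.isdigit()):
            raise ValueError(f"invalid scan instance ID: {item!r}")
        parsed.append(int(text))
    return parsed


def nessus_members(zip_bytes, max_bytes=MAX_NESSUS_BYTES):
    """Return {member name: bytes} for each .nessus file, read in memory."""
    reports = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir() or not info.filename.lower().endswith(".nessus"):
                continue
            if info.file_size > max_bytes:
                raise ValueError(f"{info.filename}: declared size over cap")
            # Bounded read: the declared size in the header is not trusted
            with archive.open(info) as member:
                data = member.read(max_bytes + 1)
            if len(data) > max_bytes:
                raise ValueError(f"{info.filename}: extracted size over cap")
            # Names are only dictionary keys, never filesystem paths
            reports[info.filename] = data
    return reports


def build_sample_export():
    """Constructed stand-in for an exported scan result ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        archive.writestr("42.nessus", "<NessusClientData_v2/>")
        archive.writestr("../notes.txt", "not a .nessus member")
    return buf.getvalue()
```

Each returned byte string can then be handed to the Nessus parser; entries that are not .nessus files, including ones with traversal-style names, are skipped rather than written anywhere.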

Finding Scan IDs

In Tenable.sc, navigate to Scans > Scan Results and view the scan details. The scan instance ID is visible in the URL or detail view.

Notes

  • At least one of TENABLE_SCAN_ID or COMPLETED_SCANS must be provided
  • The executor does not launch new scans — it imports results from existing completed scans
  • API keys are generated per-user in the Tenable.sc administration interface