Enterprise
runZero integrates with Tenable Nessus using two methods. For all versions of Nessus, runZero can import Nessus files (.nessus) that were exported from your Nessus instance. Exports from Tenable Security Center are also supported. For Nessus Professional users, the runZero integration can pull scan data from the Nessus Professional API.
Getting started with Tenable Nessus
To use the Tenable Nessus integration, you’ll need to:
- Export vulnerability scan results as Nessus files.
- Import the Nessus files through the inventory pages.
Requirements
Before you can set up the Nessus integration:
Step 1: Export vulnerability scan results
- Log in to Nessus with the account being used for the runZero integration.
- Open the scan results you want to be able to import into runZero.
- Choose Export > Nessus to download the scan results.
Step 2: Import the Nessus files into runZero
- Go to the Inventory page in runZero.
- Choose Import > Nessus scan (.nessus) from the list of import types.
- On the import data page:
- Choose the site you want to add your assets to, and
- Set the severity levels and minimum risk level to ingest. (Note: much of the host information provided by Tenable is from Info-level plugins, so if you only import higher levels of severity you may not see much information about assets not scanned by runZero.)
Step 3: View Nessus assets and vulnerabilities
After a successful sync, you can go to your inventory to view your Nessus assets. These assets will have a Tenable icon listed in the Source column.
The Nessus integration gathers details about vulnerabilities detected in addition to enriching asset inventory data. Go to Inventory > Vulnerabilities to view the vulnerability data provided by Nessus.
To filter by Nessus assets, consider running the following queries:
Click into each asset to see its individual attributes. runZero will show you the attributes gathered from the Nessus scan file.