runZero integrates with Tenable Nessus using two methods. For all versions of Nessus, runZero can import Nessus files (.nessus) that were exported from your Nessus instance. For Nessus Professional users, the runZero integration can pull scan data from the Nessus Professional API.
Getting started with Tenable Nessus
To use the Tenable Nessus integration, you’ll need to:
- Export vulnerability scan results as Nessus files.
- Import the Nessus files through the inventory pages.
Before you can set up the Nessus integration:
- Verify that you have runZero Enterprise.
- Make sure you have access to the Nessus portal.
Step 1: Export vulnerability scan results
- Log in to Nessus with the account being used for the runZero integration.
- Open the scan results you want to be able to import into runZero.
- Choose Export > Nessus to download the scan results.
Step 2: Import the Nessus files into runZero
- Go to the Inventory page in runZero.
- Choose Import > Nessus scan (.nessus) from the list of import types.
- On the import data page:
- Choose the site you want to add your assets to, and
- Set a minimum severity and risk to ingest.
Step 3: View Nessus assets and vulnerabilities
After a successful sync, you can go to your inventory to view your Nessus assets. These assets will have a Tenable icon listed in the Source column.
The Nessus integration gathers details about vulnerabilities detected in addition to enriching asset inventory data. Go to Inventory > Vulnerabilities to view the vulnerability data provided by Nessus.
To filter by Nessus assets, consider running the following queries:
- View all Nessus assets:
Click into each asset to see its individual attributes. runZero will show you the attributes gathered from the Nessus scan file.