All integrations
NetworkCompliance

Tenable Security Center integration

Centraleyezer connects to Tenable Security Center over its REST API using per-user API keys, resolves the scan you select to its most recent completed result, and imports every vulnerability with full plugin detail. A file-based template for Security Center XML exports is also available.

Scan types imported

  • Network & host vulnerability scans
  • Continuous / distributed scanning results
  • TLS certificate inventory

File import

XML

Upload a Security Center scan result export (Nessus-v2 style XML). The mapping is identical to the Nessus template: ReportHost per asset, ReportItem per finding.

What Centraleyezer expects in the file

  • Plugin name, description, solution, port, protocol, CVE, CVSSv3 score/vector, plugin output and severity (0–4) per finding.
  • Assets matched by host name/IP.

API connection

Point the source at your Tenable.sc console, authenticate with API keys, click Test to list scan definitions, and pick the scan to track. On every run Centraleyezer resolves that definition to its latest completed scan result and imports it.

Configuration

Hostname
Tenable.sc host or IP (optionally host:port; default port 443).
Access Key / Secret Key
A Tenable.sc API key pair. Enter the access key in the username field and the secret key in the password field — Centraleyezer authenticates with API-key auth, not a UI login.
Remote Identifier
The scan definition to import — required; populated by the Test button from GET /scans.
Proxy (optional)
HTTP proxy host:port plus optional proxy credentials.

Where to get the credentials

Generate API keys in Tenable.sc under Users → select your user → API Keys. The account needs permission to view the scans and their results.

What gets imported on every run

  • All vulnerabilities of the latest completed scan result, across every severity (Info to Critical): plugin name, severity, CVE, CVSS score/vector, port, protocol and plugin text.
  • IP assets are created automatically on the mapped network and auto-closed when a host disappears from later results (remediated / decommissioned).
  • TLS certificate inventory extracted from the SSL certificate plugins.

How imported findings are risk-scored

Every Tenable Security Center finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.

See the Tenable Security Center integration live

Book a demo and we’ll connect your Tenable Security Center data and walk through risk-based prioritisation on your own findings.

Tenable Security Center Integration — Setup & Imported Scan Types