Tenable Security Center integration
Centraleyezer connects to Tenable Security Center over its REST API using per-user API keys, resolves the scan you select to its most recent completed result, and imports every vulnerability with full plugin detail. A file-based template for Security Center XML exports is also available.
Scan types imported
- Network & host vulnerability scans
- Continuous / distributed scanning results
- TLS certificate inventory
File import
Upload a Security Center scan result export (Nessus-v2 style XML). The mapping is identical to the Nessus template: ReportHost per asset, ReportItem per finding.
What Centraleyezer expects in the file
- Plugin name, description, solution, port, protocol, CVE, CVSSv3 score/vector, plugin output and severity (0–4) per finding.
- Assets matched by host name/IP.
API connection
Point the source at your Tenable.sc console, authenticate with API keys, click Test to list scan definitions, and pick the scan to track. On every run Centraleyezer resolves that definition to its latest completed scan result and imports it.
Configuration
Where to get the credentials
Generate API keys in Tenable.sc under Users → select your user → API Keys. The account needs permission to view the scans and their results.
What gets imported on every run
- All vulnerabilities of the latest completed scan result, across every severity (Info to Critical): plugin name, severity, CVE, CVSS score/vector, port, protocol and plugin text.
- IP assets are created automatically on the mapped network and auto-closed when a host disappears from later results (remediated / decommissioned).
- TLS certificate inventory extracted from the SSL certificate plugins.
How imported findings are risk-scored
Every Tenable Security Center finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.