Add a Source

In Tenable Attack Surface Management, you can add a source to your inventory to identify more assets associated with your organization.

See the following procedures for how to add different types of sources.

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, click Add Hostname or Domain.

    The Enter Hostname window appears.

  3. In the Enter a host to your Inventory box, type a hostname or domain.

    A list of options appears.

    Note: You can add a maximum of two domains across your organization. If you already have two domains system-wide, you must delete one before you can add another.

  4. Select any applicable options:

    Option Description
    Add subdomains instead of domains Adds the domain as a subdomain instead of a host or domain.
    Don't do subdomain discovery Prevents Tenable Attack Surface Management from automatically discovering subdomains for the domain.
    Elastic source Tells Tenable Attack Surface Management to extract data using the IP address that an asset resolves to.

  5. Click the Next button.

    The hostname, domain, or subdomain appears in your inventory and begins identifying assets.

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, click Add IP addresses or IP ranges.

    The Enter IP address window appears.

  3. In the Enter an IP range to your Inventory box, type an IP address, IP range, or a comma-separated list of IP addresses.

  4. To select assets, do one of the following:

    • Click Add IP address if you want Tenable Attack Surface Management to identify all assets associated with the IP address.

    • Click Select Assets Manually. The Select IP Addresses window appears: select the IP addresses to add to your inventory, and click Add to Inventory to add the assets.

Tenable Attack Surface Management adds the IP addresses to your inventory and begins identifying assets.

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, click Add ASN.

    The Enter ASN window appears.

  3. In the Enter AS number or organization name box, type an ASN or search for an organization.

  4. Click the Add ASN button.

    Tenable Attack Surface Management adds the ASN to your inventory and begins identifying assets.

Before you begin

Tenable Attack Surface Management requires the following permissions to add Cloudflare sources:

  • Zone Read — Grants read access to zone management.

  • DNS Read — Grants read access to DNS.

To add sources from Cloudflare:

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, click Add from Cloudflare.

    The Cloudflare keys window appears with the list of configured API keys.

  3. Do one of the following:

    • Click an API key to view the list of available zones or domains the API key has access.

    • (Optional) If you do not have any configured API keys, add a new API key:

      1. Click Add.

        Tenable Attack Surface Management displays the Add Cloudflare key box.

      2. In the Cloudflare account name box, type a name for the Cloudflare account.

      3. In the API key box, copy and paste the API key for your Cloudflare account.

      4. Click Add.

        Tenable Attack Surface Management adds the API key and displays the Available zones window with the list of Cloudflare zones (domain names) the API key has access.

        Note: Tenable Attack Surface Management supports these types of DNS records: A, AAAA, CNAME, MX, NS, TXT, PTR, and SOA.

  4. To add a domain to your inventory, click the Add to inventory link next to the domain name you want to add.

    Note: To add all zones to your inventory, click Add all.

Tenable Attack Surface Management adds the Cloudflare assets to your inventory and redirects you to the Inventory page showing the newly added sources. The source from Cloudflare has an orange cloud icon under its name.

If there are assets from outside the zone or domain, Tenable Attack Surface Management automatically adds them as elastic assets. Tenable Attack Surface Management extracts data from these elastic assets using the hostname rather than their IP addresses. The IP column in the Inventory table shows Elastic Asset instead of an IP address for these elastic assets.

To delete a Cloudflare API key:

  1. In the Cloudflare keys window, click next to the Cloudflare API key to delete.

    Tenable Attack Surface Management deletes the Cloudflare API key. The sources added using this key still show up in the inventory but Tenable Attack Surface Management eventually deletes them across all inventories.

Before you begin

  • Make sure that you grant read-only permission for Tenable Attack Surface Management in your AWS account. For more information, see ReadOnlyAccess in the AWS documentation.

  • Add your AWS account to Tenable Attack Surface Management. See Integrate with AWS.

To add sources from AWS:

  1. In Tenable Attack Surface Management, in the upper-right corner, click the button.

  2. In the drop-down list, click Add from AWS.

    The AWS keys window appears with the list of configured AWS API keys.

  3. To add sources from your AWS account, click Add as a source.

    Tenable Attack Surface Management adds the sources from AWS.

    Note: Depending on the number of assets, the process may take some time to complete.