Required User Role: Active User, Cloud Connector Manager, or Business Administrator.
Add Sources
In Tenable Attack Surface Management, you can add a source to your inventory to identify more assets associated with your organization.
See the following procedures for how to add different types of sources.
Add a hostname, domain, or subdomain
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add Hostname or Domain.
The Enter Hostname window appears.
-
In the Enter a host to your Inventory box, type a hostname or domain.
A list of options appears.
-
Select any applicable options:
Option Description Add subdomains instead of domains Adds the domain as a subdomain instead of a host or domain. Don't do subdomain discovery Prevents Tenable Attack Surface Management from automatically discovering subdomains for the domain. Elastic source During asset detection, Tenable Attack Surface Management records both FQDN and IP address of the asset. When you enable the Elastic source option, Tenable Attack Surface Management records only the asset's FQDN. This prevents duplicate asset findings for an asset with frequently changing IP address, such as one hosted by a Cloud service. When extracting data from an asset in an Elastic Source, Tenable Attack Surface Management resolves the FQDN to an IP address right before each scan.
-
Click Next.
The hostname, domain, or subdomain appears in your inventory and begins identifying assets.
Add an IP address or IP range
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add IP addresses or IP ranges.
The Enter IP address window appears.
-
In the Enter an IP range to your Inventory box, type an IP address, IP range, or a comma-separated list of IP addresses.
-
To select assets, do one of the following:
-
Click Add IP address if you want Tenable Attack Surface Management to identify all assets associated with the IP address.
-
Click Select Assets Manually. The Select IP Addresses window appears: select the IP addresses to add to your inventory, and click Add to Inventory to add the assets.
Tenable Attack Surface Management adds the IP addresses to your inventory and begins to identify assets.
Add an Autonomous System Number (ASN)
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add ASN.
The Enter ASN window appears.
-
In the Enter AS number or organization name box, type an ASN or search for an organization.
-
Click the Add ASN button.
Tenable Attack Surface Management adds the ASN to your inventory and begins to identify assets.
Add sources from Cloudflare
Before you begin
Tenable Attack Surface Management requires the following permissions to add Cloudflare sources:
-
Zone Read — Grants read access to zone management.
-
DNS Read — Grants read access to DNS.
To add sources from Cloudflare:
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add from Cloudflare.
The Cloudflare keys window appears with the list of configured API keys.
-
Do one of the following:
-
Click an API key to view the list of available zones or domains the API key has access.
-
(Optional) If you do not have any configured API keys, add a new API key:
-
Click Add.
Tenable Attack Surface Management displays the Add Cloudflare key box.
-
In the Cloudflare account name box, type a name for the Cloudflare account.
-
In the API key box, copy and paste the API key for your Cloudflare account.
-
Click Add.
Tenable Attack Surface Management adds the API key and displays the Available zones window with the list of Cloudflare zones (domain names) where the API key has access.
Note: Tenable Attack Surface Management supports these types of DNS records: A, AAAA, CNAME, MX, NS, TXT, PTR, and SOA.
-
-
-
To add a domain to your inventory, click the Add to inventory link next to the domain name to add.
Note: To add all zones to your inventory, click Add all.
Tenable Attack Surface Management adds the Cloudflare assets to your inventory and redirects you to the Inventory page showing the newly added sources. The source from Cloudflare has an orange cloud icon under its name.
If there are assets from outside the zone or domain, Tenable Attack Surface Management automatically adds them as elastic assets. Tenable Attack Surface Management extracts data from these elastic assets using the hostname rather than their IP addresses. The IP column in the Inventory table shows Elastic Asset instead of an IP address for these elastic assets.
To delete a Cloudflare API key:
-
In the Cloudflare keys window, click
next to the Cloudflare API key to delete.Tenable Attack Surface Management deletes the Cloudflare API key. The sources added using this key still show up in the inventory but Tenable Attack Surface Management eventually deletes them across all inventories.
Add sources from AWS
Before you begin
-
Make sure that you grant read-only permission for Tenable Attack Surface Management in your AWS account. For more information, see ReadOnlyAccess in the AWS documentation.
-
Add your AWS account to Tenable Attack Surface Management. See Integrate with AWS.
To add sources from AWS:
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add from AWS.
The AWS keys window appears with the list of configured AWS API keys.
-
To add sources from your AWS account, click Add as a source.
Tenable Attack Surface Management adds the sources from AWS.
Note: Depending on the number of assets, the process may take some time to complete.
Add sources from Azure
-
Make sure that you grant read-only permission (Reader role) for Tenable Attack Surface Management in your Azure account. For more information, see Azure built-in roles for General in the Azure documentation.
-
Add your Azure account to Tenable Attack Surface Management. See Integrate with Microsoft Azure .
To add sources from Azure:
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add from Azure.
The Azure keys window appears with the list of configured Azure API keys.
-
To add sources from your Azure account, click Add as a source.
Tenable Attack Surface Management adds the sources from Azure.
Note: Depending on the number of assets, the process may take some time to complete.
Add sources from Google Cloud Platform
-
Make sure to have a service account with read only permissions. Tenable recommends you use Google’s reader role for the service account. To check the service account permissions, click here.
-
Add your Google Cloud Platform account to Tenable Attack Surface Management. See Integrate with Google Cloud Platform.
To add sources from Google Cloud Platform:
-
In the left pane of the Explore page, click the
button.
Tenable Attack Surface Management displays the sources that you can add.
-
In the drop-down list, click Add from Google Cloud Platform.
The Google Cloud Platform keys window appears with the list of configured Google Cloud Platform API keys.
-
To add sources from your Google Cloud Platform account, click Add as a source.
Tenable Attack Surface Management adds the sources from Google Cloud Platform.
Note: Depending on the number of assets, the process may take some time to complete.