Connectors

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Product Offering.

What is a Connector

Tenable Exposure Management ingests data from existing security tools, such as vulnerability scanners, cloud providers, inventory tools, SCA/SAST/DAST, and more. Connectors are how Tenable Exposure Management syncs and integrates with those tools and third-party data.
When successfully configuring an integration, Tenable Exposure Management syncs with the tool and the relevant data is ingested into Tenable Exposure Management.

Third party connectors in Tenable Exposure Management allow you to ingest data from applications outside of Tenable (third-party data) and display it alongside your Tenable product data in one seamless interface.

Tip: For information on connector Best Practices and FAQs, see the Tenable Exposure Management Third-Party Connectors Quick Reference Guide.

Why Integrate

The connectors integrate with the vendor tool to pull and ingest assets and vulnerability data into Tenable Exposure Management. Once the integration is complete, the platform analyzes the data to correlate, consolidate, and contextualize the ingested data to impact risk and remediation priority.

Important: When using Tenable Exposure Management connectors, Tenable recommends allowlisting the IP addresses for the region in which the Tenable Vulnerability Management site resides.

Supported Integrations (Connectors)

Supported integrations include a variety of security tools and asset inventory from various vendors. Such security tools are:

  • DAST

  • CSPM

  • CWPP

  • IoT

  • Network Scanners

  • Endpoint Security

  • Bug Bounty

  • ASM

  • Asset Inventory

Over time, Tenable will continue to add connectors to the Connectors Library in Exposure Management.

For the complete list of supported integrations, see Supported Third-Party Integrations

Ingested Data

Exposure Management ingests assets, vulnerabilities (weaknesses), and findings from third-party vendors.

  • Assets: An asset is any object that represents a part of your organization's attack surface. Third party assets are defined as hosts, code projects, images, websites, or cloud resources ingested from a non-Tenable source.

    For a complete list of ingested asset types, see Asset Classes.

  • Weaknesses: Weaknesses are vulnerabilities and misconfigurations on your assets.
  • Findings: A finding is a single instance of a vulnerability (weakness or misconfiguration) appearing on an asset, identified uniquely by plugin ID, port, and protocol.

View and Manage your Connectors

To view your connectors:

  1. In the left navigation menu, click Connectors.

    Here you can see a list of your configured connectors.

Here you can:

  • Manage your connectors.

  • Use the Search text box to search the list for a specific connector.

  • Use the drop-down box to select a Status by which to filter the connectors page.

    Tip: For more information, see Connector Status.