Connectors

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Product Offering.

What is a Connector ?

Tenable Exposure Management ingests security and inventory data from existing tools, such as vulnerability scanners, cloud providers, inventory tools, and SCA/SAST/DAST applications. Connectors are integration modules that allow Tenable Exposure Management to sync with third-party security and inventory tools. They ingest asset and vulnerability data from external platforms and display it alongside Tenable-native data in a single, unified interface.

Why Integrate

The connectors integrate with the vendor tool to pull and ingest assets and vulnerability data into Tenable Exposure Management. Once the integration is complete, the platform analyzes the data to correlate, consolidate, and contextualize the ingested data to impact risk and remediation priority.

Important: When using Tenable Exposure Management connectors, Tenable recommends allow-listing the IP addresses for the region in which the Tenable Vulnerability Management site resides.

Supported Integrations (Connectors)

Supported integrations include a variety of security tools and asset inventory from various vendors. Such security tools are:

  • DAST

  • CSPM

  • CWPP

  • IoT

  • Network Scanners

  • Endpoint Security

  • Bug Bounty

  • ASM

  • Asset Inventory

Over time, Tenable will continue to add connectors to the Connectors Library in Tenable Exposure Management.

For the complete list of supported integrations, see Supported Third-Party Integrations

Connectors Guides

Each connector has a dedicated guide. These guides are extensive and include all relevant information for configuring a specific connector. The guides are available within the Exposure Management User Guide.

Ingested Data

Tenable Exposure Management ingests assets, vulnerabilities (weaknesses), and findings from third-party vendors.

  • Assets: Any IT or security element in your organization such as user accounts, computers, and software. An asset is any object that represents a part of your organization's attack surface. Third party assets are defined as hosts, code projects, images, websites, or cloud resources ingested from a non-Tenable source.

    For a complete list of ingested asset types, see Asset Classes.

  • Weaknesses: A weakness is a vulnerability or a misconfiguration on your assets. A weakness is an aggregation of findings grouped by name or detection across one or more assets.
  • Findings: A finding is a single instance of a vulnerability (weakness or misconfiguration) appearing on an asset, identified uniquely by plugin ID, port, and protocol.
Important! On connector creation, it can take up to one hour for connector data to appear within Tenable Exposure Management.

Interacting with Connector Data in Tenable Exposure Management

As connectors ingest asset, vulnerability, and findings data from third-party platforms, Tenable Exposure Management consolidates this information into its unified data model. Once ingested, the data becomes available across the platform—enabling you to view, analyze, and prioritize it alongside Tenable-native data.

View and Manage your Connectors

To view your connectors:

  1. In the left navigation menu, click Connectors.

    Here you can see a list of your configured connectors.

Here you can:

  • Manage your connectors.

  • Use the Search text box to search the list for a specific connector.

  • Use the drop-down box to select a Status by which to filter the connectors page.

    Tip: For more information, see Connector Data Status.

Resources Within this Guide

Review the following resources within this guide to familiarize yourself with connector best practices and frequently asked questions: