Tenable One Open Connector Mapping

Mapping Behavior and Limitations

This section outlines the expected behavior and logic rules that govern how source file columns are mapped to Tenable Exposure Management attributes during the Tenable One Open Connector configuration process.

These rules ensure consistent data transformation, accurate field population, and help prevent unintended data loss. Understanding the logic behind standard one-to-one mappings, supported exceptions, and system-enforced constraints is essential for configuring a successful data import using the Tenable One Open Connector.

Many-to-One Mapping Exceptions (Multi-Value Fields)

By default, if you map multiple source columns to a single-value Tenable Exposure Management attribute, the last mapped column overwrites previous values. However, the following fields accept data from multiple source columns and concatenate the values.

Supported Multi-Value Tenable Exposure Management Fields	Ingestion Example
Asset > MAC Addresses Asset > IPs (IPv4 Addresses) Asset > External Tags Asset > Custom Attributes Finding > Custom Attributes	If you map several source columns (for example, ip1, ip2, and ip3) to Asset > IPs, the system concatenates the values into a comma-separated list during ingestion.

External Tags Prefixing Behavior

Tenable Exposure Management automatically adds context to mapped external tags.

Expected Behavior	Purpose	Example
When you map any column to Assets > External Tags, Tenable Exposure Management adds the source column name to the tag value.	This enables better filtering and traceability in Tenable Exposure Management.	If the column Business_Unit contains Finance, it becomes: Business_Unit: Finance.

Mandatory Fields

To proceed with syncing the connector, you must define certain mandatory fields. These fields vary based on the selected asset type.

For Assets:

Asset Type	Required Fields
Device	At least one of the following: Assets > Asset Name Assets > IPv4 Addresses Assets > Device System Type
Container	Assets > Asset Name
Web Applications	Assets > Asset Name
Resource (Cloud)	Assets > Asset Name

For Findings:

Attribute	Required Fields
Finding Attributes (Common)	Severity
Findings > Finding Name	Finding Name

Mapping Reference Tables

The following reference tables displays the available mapping options when configuring the Tenable One Open Connector. They are designed to help you align your source file columns with the correct Tenable Exposure Management attributes based on the selected asset type.

Tip: For full setup instructions and usage details, see Tenable One Open Connector.

Device Mapping

Attributes in Source File	Available Mapping Options in Tenable Exposure Management	Notes
Asset Attributes (Common)	Assets > External Tags	Maps all fields from the ingested type to be asset tags in the platform.
	Assets> Created Date	None
	Assets > Last Observed At	None
	Assets > Custom Attributes	Maps to general asset metadata that doesn't fit a standard field.
Asset Attributes (Device Specific)	Assets > Asset Name	None
	Assets > Host Fully Qualified DNS	Maps FQDN.
	Assets > Operating Systems	None
	Assets > OS Version	None
	Assets > Device System Type	Maps cloud_instance_id.
	Assets > MAC Addresses	None
	Assets > IPv4 Addresses	None
Finding Attributes (Common)	Findings > Finding Name	Maps the title or name of the vulnerability and/or weakness.
	Findings > Description	Maps the description of the vulnerability and/or weakness.
	Findings > Severity	Maps CVSS score.
	Findings > CVEs	None
	Findings > CWEs	None
	Findings > State	Maps the findings status (e.g., Open, Fixed, Closed).
	Findings > First Seen (observed)	None
	Findings > Last seen (Observed)	None
Finding Attributes (Device Specific)	Findings > Port	None
	Findings > Protocol	None
	Findings > Package Version	None
	Findings > Package	None

Web Applications Mapping

Attributes in Source File	Available Mapping Options in Tenable Exposure Management	Notes
Asset Attributes (Common)	Same as in Device (Common Finding Attributes)	None
Asset Attributes (WebApp Specific)	Assets > Asset Name	Maps to the primary name or identifier of the web application.
Asset Attributes (WebApp Specific)	Assets > Webapp Homepage Screenshot Url	None
Finding Attributes (Common)	Same as in Device (Common Finding Attributes)	None
Finding Attributes (WebApp Specific)	Findings > URL	Maps The specific URL or endpoint where the finding was detected.

Resources (Cloud) Mapping

Attributes in Source File	Available Mapping Options in Tenable Exposure Management	Notes
Asset Attributes (Common)	Same as Device (Custom Attributes, Tags, Dates)	None
Asset Attributes (Cloud Resources Specific)	Assets > Asset Name	None
	Assets > Cloud Provider	Maps the service provider (e.g., AWS, Azure, GCP).
	Assets > Cloud Resource Type	Maps the type of resource (e.g., S3 Bucket, Azure VM, GCP Instance).
	Assets > External Identifier	Maps a unique identifier, typically the ARN or equivalent ID from the cloud provider.
Finding Attributes (Common)	Same as in Device (Common Finding Attributes)	None

Containers Mapping

Attributes in Source File	Available Mapping Options in Tenable Exposure Management	Notes
Asset Attributes (Common)	Same as Device (Custom Attributes, Tags, Dates)	None
Asset Attributes (Containers Specific)	Asset Name	None
	Assets > Operating Systems	None
	Assets > Container Image Path	Maps the full path and/or registry location of the image.
	Assets > Image Digest	Maps the SHA-256 cryptographic hash of the container image content.
	Assets > Container Image Tags	None
Finding Attributes (Common)	Same as in Device (Common Finding Attributes)	None