Tenable Nessus Priority Scanning for CyberArk

Tenable Nessus sets a priority system that allows for flexible querying. The following is set out to describe the order Tenable Nessus tries values and the logic behind it.

1. Tenable Nessus queries CyberArk with the target value entered into the Tenable NessusTargets configuration field. For example, if you put a FQDN in the target list, Nessus will query CyberArk with the address value of the FQDN. If you enter an IP address or range such as 192.0.2.1-20, Tenable Nessus tries to query using the IP address or IP range of the target system(s) in the CyberArk Address value. If the target system uses FQDN and can be resolved, it is contacted.
2. If the target value fails, Tenable Nessus then looks to see if there is a domain value (for a Windows system). If a domain value is present, Tenable Nessus queries CyberArk using the domain value for the address value to attempt to use domain credentials.
3. If the configured target value and the domain value both fail, Tenable Nessus then pulls the IP address of the system. If the IP address does not match one of the IP addresses supplied in the target list, Tenable Nessus then queries CyberArk using the IP address of the target itself. This is checked against the target value in the configuration to prevent querying CyberArk twice with the same value.