Privilege Escalation With CyberArk Credentials

Tenable Nessus Manager supports the use of privilege escalation, such as su and sudo, when using SSH through the CyberArk authentication method.

Requirements:

• CyberArk account
• Nessus Manager account

To configure SSH integration:

1. Select SSH as the Type and CyberArk as the Authentication Method.

   

2. An option for CyberArk elevate privileges with appears near the bottom of the configuration page.

   Note: Multiple options for privilege escalation are supported, including su, su+sudo and sudo. For example, if sudo is selected, additional fields for sudo user, CyberArk Account Details Name and Location of sudo (directory) are provided and can be completed to support authentication and privilege escalation through CyberArk Password Vault.

   Note: Additional information about all of the supported privilege escalation types and their accompanying fields can be found in the Nessus User Guide.

   

3. Configure each field for SSH authentication. See the Nessus User Guide to get detailed descriptions for each option.

   

   Note: The Username option also adds the Address parameter of the API query and assigns the target IP of the resolved host to the Address parameter. This may lead to failure to fetch credentials if the CyberArk Account Details Address field contains a value other than the target IP address.

4. Click Save.