Welcome to Tenable for CyberArk

Last Updated: April 01, 2026

Security administrators know that conducting network vulnerability assessments means getting access to and navigating an ever-changing sea of usernames, passwords, and privileges. By integrating CyberArk with Tenable, customers have more choice and flexibility.

The benefits of integrating Tenable with CyberArk include:

• Credential updates directly in Tenable, requiring less management.
• Reduced time and effort to document credential storage locations in the organizational environment.
• Automatic enforcement of security policies in specific departments or business unit requirements, simplifying compliance.
• Reduced risk of unsecured privileged accounts and credentials across the enterprise.

What information does the CyberArk integration collect?

Tenable’s CyberArk integration provides PAM support for the following credential types: SSH, Windows, Database, VMware, Nutanix and SNMPv3. For these credential types, the integration collects usernames, passwords, and SSH keys. The scanner uses these values to authenticate to the target(s) listed in the scan’s settings, instead of these values needing to be manually entered.

To use the CyberArk integration, select CyberArk as the authentication method of one of the supported credential types.

Information collected with Auto-Discovery

CyberArk with Auto-Discovery is also available for Windows, SSH and Database credential types. For Auto-Discovery, the integration also collects host names or addresses, along with their respective credentials.