Database Integration

To configure Tenable for Senhasegura database for Tenable Vulnerability Management or Tenable Nessus:

  1. Log in to your Tenable user interface.

  2. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  3. In the left navigation plane, click Scans.

    The Scans page appears.

  4. In the upper-right corner of the page, click the Create a Scan button.

    The Select a Scan Template page appears.

  5. Select a scan template.

    The scan configuration page appears.

  6. In the Name box, type a name for the scan.

  7. In the Targets box, type an IP address, hostname, or range of IP addresses.
  8. (Optional) Add a description, folder location, scanner location, and specify target groups.

  9. Click the Credentials tab.

    The Settings pane appears.

  10. Click the Database option.

    The Database options appear.

  11. In the Database Type drop-down box, select Cassandra, Oracle, DB2, MongoDB, PostgreSQL, MySQL, SQL Server, or Sybase ASE.

  12. In the Auth Type drop-down box, click Tenable for Senhasegura Secret Server.

    The Tenable for Senhasegura Secret Server options appear.

  13. Configure each option for the Database authentication.

    Option Description Required

    Senhasegura Host

    The IP address or URL for the Senhasegura host.

    yes

    Senhasegura Port

    The port on which the Senhasegura API communicates. By default, Tenable uses 443.

    yes

    Senhasegura API Client ID

    The Client ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Senhasegura API Secret ID The Secret ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Senhasegura Credential ID or Identifier The credential ID or identifier for the credential you are requesting to retrieve.

    yes

    Private Key File

    The Private Key used to decrypt encrypted sensitive data from A2A.

    Note: You can enable encryption of sensitive data in the A2A Application Authorizations. If enabled, you must provide a private key file in the scan credentials. This can be downloaded from the applicable A2A application in Senhasegura.

    Required if you have enabled encryption of sensitive data in A2A Application Authorizations.

    HTTPS

    This is enabled by default.

    yes

    Verify SSL Certificate

    This is disabled by default.

    no

  14. Do one of the following:

    • If you want to save without launching the scan, click Save.

    • If you want to save and launch the scan immediately, click Save & Launch.

      Note: If you scheduled the scan to run at a later time, the Save & Launch option is not available.