Windows Integration

To configure Tenable for Senhasegura using Windows integration:

  1. Log in to your Tenable user interface.

  2. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  3. In the left navigation plane, click Scans.

    The Scans page appears.

  4. In the upper-right corner of the page, click the Create a Scan button.

    The Select a Scan Template page appears.

  5. Select a scan template.

    The scan configuration page appears.

  6. In the Name box, type a name for the scan.

  7. In the Targets box, type an IP address, hostname, or range of IP addresses.
  8. (Optional) Add a description, folder location, scanner location, and specify target groups.

  9. Click the Credentials tab.

    The Credentials pane appears.

  10. In the Select a Credential menu, select the Host drop-down.

  11. Select Windows.

    The Settings pane appears.

  12. In the Auth Type drop-down box, click Tenable for Senhasegura Secret Server.

    The Tenable for Senhasegura Secret Server options appear.

  13. Configure each option for the Windows authentication.

    Option Description Required

    Senhasegura Host

    The IP address or URL for the Senhasegura host.

    yes

    Senhasegura Port

    The port on which the Senhasegura API communicates. By default, Tenable uses 443.

    yes

    Senhasegura API Client ID

    The Client ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Senhasegura API Secret ID The Secret ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Domain The domain to which the username belongs.

    no
    Senhasegura Credential ID or Identifier The credential ID or identifier for the credential the you are requesting to retrieve.

    yes

    Private Key File

    The Private Key used to decrypt encrypted sensitive data from A2A.

    Note: You can enable encryption of sensitive data in the A2A Application Authorizations. If enabled, the user must provide a private key file in the scan credentials. This can be downloaded from the applicable A2A application in Senhasegura.

    Required if you have enabled encryption of sensitive data in A2A Application Authorizations.

    HTTPS

    This is enabled by default.

    yes

    Verify SSL Certificate

    This is disabled by default.

    no

  14. Do one of the following:

    • If you want to save without launching the scan, click Save.

    • If you want to save and launch the scan immediately, click Save & Launch.

      Note: If you scheduled the scan to run at a later time, the Save & Launch option is not available.

  1. Log in to Tenable Security Center.

  2. Click Scanning > Credentials (administrator users) or Scans > Credentials (organizational users).

    The Credentials page appears.

  3. Click Add.

    The Credential Templates page appears.

  4. In the Miscellaneous, API Gateway, Database, SNMP, SSH, or Windows, or Web Authentication sections, click the tile for the specific method you want to configure.

    The Add Credentials configuration page appears.

  5. In the Name box, type a name for the credentials.
  6. In the Description box, type a description for the credentials.
  7. (Optional) Type or select a Tag. For more information, see Tags in the Tenable Security Center User Guide.

  8. Configure each option for the Database authentication.

    Option Description Required

    Senhasegura Host

    The IP address or url for the Senhasegura host.

    yes

    Senhasegura Port

    The port on which the Senhasegura API communicates. By default, Tenable uses 443.

    yes

    Senhasegura API Client ID

    The Client ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Senhasegura API Client Secret ID The Secret ID for the applicable Senhasegura A2A Application for Oauth 2.0 API authentication.

    yes
    Domain The domain to which the username belongs. no
    Senhasegura Credential ID or Identifier The credential ID or identifier for the credential that you are requesting to retrieve.

    yes

    Private Key File

    The Private Key used to decrypt encrypted sensitive data from A2A.

    Note: You can enable encryption of sensitive data in the A2A Application Authorizations. If enabled, you must provide a private key file in the scan credentials. This can be downloaded from the applicable A2A application in Senhasegura.

    Required if you have enabled encryption of sensitive data in A2A Application Authorizations.

    HTTPS

    This is enabled by default.

    yes
    Use SSL When enabled, Tenable Security Center uses SSL for secure communications. This setting is enabled by default. no

    Verify SSL Certificate

    When enabled, Tenable Security Center validates the SSL certificate. This setting is disabled by default.

    no

  9. Click Submit.

    Tenable Security Center saves your configuration.