TOC & Recently Viewed

Recently Viewed Topics

Integrating With CyberArk Enterprise Password Vault

Configuring credentialed network scans using CyberArk’s password management solution is a simple process. CyberArk integration with Nessus is seamless, so credentials are configured similarly to other credentialed network scans.

  1. Log in to Nessus.
  2. Click Scans.
  3. Click + New Scans.

  4. Select a Scan Template for the scan type required for your scan. For demonstration purposes, the Advanced Network Scan template is used.

  5. To configure a credentialed scan for Windows systems using CyberArk, enter a descriptive Name, the IP address(es) or hostname(s) of the scan Targets.

  6. Once the Name and Targets have been configured, click Credentials (highlighted below) and then select Windows from the left-hand menu (highlighted below).

  7. Click the Authentication method drop-down and select CyberArk.

  8. Configure each field for Windows authentication. See the Credentials section in the Nessus User Guide for detailed descriptions for each field option.

    Caution: Tenable strongly recommends encrypting communication between the Nessus scanner and the CyberArk AIM gateway using HTTPS and/or client certificates. For information on securing the connection, refer to the Nessus User Guide and the Central Credential Provider Implementation Guide located at cyberark.com (login required).

  1. Click Save.
  2. To verify the integration is working, click the Launch button (highlighted below) to initiate an on-demand scan.

  3. Once the scan has completed, select the completed scan and look for the corresponding Login Successful id (see chart below), which validates that authentication was successful. If the authentication is not successful, refer to the Debugging CyberArk Issues section of this document.

    Plugin Type Plugin ID
    Postgres 91826
    SQL 91825
    MySQL 91823

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.