Add a Web Application Scanner

You can add a Tenable Web App Scanning scanner to Tenable Security Center using a Docker container or a Tenable Core appliance.

Add a Docker-based Web Application Scanner

Required Tenable Security Center User Role: Administrator

Before you begin

To add a Tenable Web App Scanning instance to Tenable Security Center:

  1. Log in to Tenable Security Center via the user interface.

  2. In the left navigation, click Resources > Web Application Scanners.

    The Web Application Scanners page appears.

  3. At the top of the table, click Add.

    The Add Web Application Scanner panel appears.

  4. Configure the Web Application Scanner.

    1. In the Linking Key section, click Copy to copy the linking key to your clipboard.

    2. Configure the Web Application Scanner, as described in Web App Scans.

    3. Start the Docker container using the following command, where:

      • <scanner_name> is a unique name for the scanner.

      • <SP_URL> is the Sensor Proxy URL.

      • <linking_key> is the linking key you copied in step 4a.

      Copy
      docker run -d -e WAS_SCANNER_NAME=<scanner_name> -e WAS_PLATFORM_URL=<SP_URL> -e WAS_LINKING_KEY=<linking_key> tenable/was-scanner:latest
  5. The scanner appears in the Web Application Scanners table.

What to do next:

  • Before you use a Web Application Scanner, add the scanner to a Scan Zones.

Add a Tenable Core Web Application Scanner

Required Tenable Security Center User Role: Administrator

Before you begin:

  • Install Tenable Sensor Proxy and link it to Tenable Security Center. For more information, see Sensor Proxies.

To add a Tenable Core Tenable Web App Scanning scanner to Tenable Security Center:

  1. Log in to Tenable Security Center via the user interface.

  2. In the left navigation, click Resources > Web Application Scanners.

    The Web Application Scanners page appears.

  3. At the top of the table, click Add.

    The Add Web Application Scanner panel appears.

  4. In the Linking Key section, click Copy to copy the linking key to your clipboard.

  5. Log in to Tenable Core via a browser.

  6. In the left navigation menu, click Web App Scanning.

    The Tenable Management Platform Link window appears.

  7. In the Linking Key box, paste the linking key you copied in step 4.

  8. In the Scanner Name box, type a name for the scanner.

  9. In the Tenable Management Platform URL box, type https://<sensor_proxy_host>, where sensor_proxy_host is the hostname or IP address of your Tenable Sensor Proxy.

  10. Click Activate Scanner.

    The scanner appears in the Web Application Scanners table in Tenable Security Center.

What to do next: