Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Adding a Tenable SecurityCenter Scan

 

You can add a Tenable SecurityCenter scanner to enable JSA to collect host and vulnerability information through the Tenable API.

Verify the location of the API on your Tenable SecurityCenter.

A server certificate is required to support HTTPS connections. JSA supports certificates with the following file extensions: .crt, .cert, or .der. To copy a certificate to the /opt/qradar/conf/trusted_certificates directory, choose one of the following options:

  • Manually copy the certificate to the /opt/qradar/conf/trusted_certificates directory by using SCP or SFTP.

  • SSH into the Console or managed host and retrieve the certificate by using the following command: /opt/qradar/bin/getcert.sh <IP or Hostname> <optional port - 443 default>. A certificate is then downloaded from the specified host name or IP and placed into /opt/qradar/conf/trusted_certificates directory in the appropriate format.

  1. Click the Admin tab.
  2. Click the VA Scanners icon.
  3. Click Add.
  4. In the Scanner Name field, type a name to identify the scanner.
  5. From the Managed Host list, select the managed host from your JSA deployment that manages the scanner import.
  6. From the Type list, select Tenable SecurityCenter.
  7. In the Server Address field, type the IP address of the Tenable SecurityCenter.
  8. In the API Location field, type the path to the API on the Tenable SecurityCenter.

    The default path to the API file for SecurityCenter Version 4 is sc4/request.php.

    The default path to the API file for SecurityCenter Version 5 is rest.

  9. From the API Version list, select the version for your SecurityCenter. For example, Version 4 or Version 5.
  10. In the User Name field, type the user name to access the Tenable SecurityCenter API.
  11. In the Password field, type the password to access the Tenable SecurityCenter API.
  12. Configure a CIDR range for the scanner.

    1. In the CIDR ranges field, type the CIDR range for the scan or click Browse to select a CIDR range from the network list.

    2. Click Add.

  13. Click Save.
  14. On the Admin tab, click Deploy Changes.

You are now ready to create a scan schedule. See Scheduling a Vulnerability Scan.

Related Documentation