REST messages for the Tenable Vulnerability Integration

Release version: Washingtondc

Updated January 30, 2025

2 minutes to read

Summarize

Summarized using AI

Summary of REST messages for the Tenable Vulnerability Integration

The ServiceNow® Tenable Vulnerability Integration includes REST messages that facilitate communication with the Tenable API, enabling the retrieval of assets, plugins, and vulnerabilities data. These integrations are crucial for maintaining compliance and understanding your organization's security posture.

Show full answer Show less

Key Features

Tenable.io Assets REST Message: Retrieves asset information using filters to ensure only relevant assets are included.
Tenable.io Plugins REST Message: Accesses plugin information necessary for vulnerability assessments.
Tenable.io Vulnerabilities REST Message: Gathers information on both open and closed vulnerabilities.
Tenable.sc Queries REST Message: Retrieves configured query filter information for asset and vulnerability integration.
Tenable.sc Plugins REST Message: Obtains plugin data necessary for vulnerability management.
Tenable.sc Vulnerabilities REST Message: Fetches vulnerability data, including patched vulnerabilities.
Tenable.sc Scan REST Message: Initiates scans based on specified policies and plugins.
Tenable.cs GraphQl REST Message: Gathers information on container assets and vulnerabilities.

Key Outcomes

By utilizing these REST messages, ServiceNow customers can efficiently pull in critical security data from Tenable products, leading to enhanced visibility into vulnerabilities and security compliance. This integration supports proactive risk management and helps organizations respond effectively to potential threats.

The ServiceNow® Tenable Vulnerability Integration REST messages are used to make calls to the Tenable API.

Tenable.io Assets REST message

The Tenable.io Assets REST message retrieves Assets information for the Tenable.io Asset Integration. Changes to the REST message method record impact the requests made to Tenable.io to retrieve assets information. The export job for assets is submitted with the following filters:

"is_deleted": false
"is_licensed": true

Tenable.io Plugins REST message

The Tenable.io Plugins REST message retrieves Plugin information for the Tenable.io Plugin Integration. Changes to the REST message method record impact the requests made to Tenable.io to retrieve plugins information.

Tenable.io Vulnerabilities REST message

The Tenable.io Vulnerabilities REST message retrieves vulnerability information for both Open and Closed vulnerabilities from the Tenable.io Vulnerability Integration. Changes to the REST message method record impact the requests made to Tenable.io to retrieve vulnerabilities information.

Tenable.sc Queries REST message

The Tenable.sc Queries rest message retrieves the query filter information for the Tenable.sc Asset integration and Tenable.sc vulnerabilities integration where the query filter is configured.

Tenable.sc Plugins REST message

The Tenable.sc Plugin REST message retrieves plugin information for the Tenable.sc Plugins Integration. Changes to the REST message Get Plugins method record impact the requests made to Tenable.sc to retrieve plugins information.


Parameter name	Value	Description
type	active	Indicates the source Tenable pulls data from. Used by code. Changes aren’t recommended.
fields	id, description, cvssVector,cvssV3Vector, cvssV3TemporalVector, synopsis, cvssVector, baseScore,temporalScore, cvssV3Vector,cvssV3BaseScore, cvssV3TemporalScore, name, vprScore, vprContext, pluginPubDate, pluginModDate, xrefs, family, riskFactor, cpe, seeAlso, solution, exploitAvailable, exploitFrameworks, type, copyright, version, sourceFile, dependencies, requiredPorts, requiredUDPPorts, srcPort, dstPort,protocol, checkType, cvssVectorBF, stigSeverity, patchPubDate, patchModDate, vulnPubDate, modifiedTime, md5	Indicates the list of fields imported from Tenable.

Tenable.sc Vulnerabilities REST message

The Tenable.sc vulnerabilities REST message retrieves vulnerability information from the Tenable.sc Integration. Changes to the REST message Fetch Vulnerabilities or Fetch Patched Vulnerabilities method or, starting with v14.0 Vulnerability Response and v2.2 of the Tenable Vulnerability Integration, Fetch Backfill Vulnerabilities record impact the requests made to Tenable.sc to retrieve vulnerabilities information.

Tenable.sc Scan Credentials REST message

Tenable.sc Policy REST message: The Tenable.sc policy POST REST message adds a policy for requested plugins. Generated policy is used in Tenable.sc scan requests.
Tenable.sc Scan REST message: The Tenable.sc scan POST REST message adds a scan that is dependent on the access and permission defined in the request body of the rest message. It uses policy, plugin id, and IP(s) in the request body for the scan request.
Tenable.sc Scan Result REST message: The Tenable.sc Scan Result GET REST message provides scan details of the scan generated using the Scan REST message. It uses the scanResultId in the response of the scan REST messages and retrieves scan details for the triggered scan.
Tenable.sc Scan Credentials: The Tenable.sc scan credentials REST message retrieves the credentials information from Tenable.sc. Changes to the REST message 'Import' method record impact the requests made to Tenable.sc to retrieve the credentials information.


Parameter name	Value	Description
fields	id,name,description,type	Indicates the list of fields imported from Tenable.sc
filter	usable	Indicates that the integration pulls only usable credentials from Tenable.sc Changes to either of the parameters isn’t recommended.

Tenable.cs GraphQl REST message: The Tenable.cs GraphQl REST message retrieves container asset information, host, and container vulnerability information for Tenable.cs Integration. Changes to the REST message Fetch Container Assets, Fetch Container Vulnerabilities, Fetch Compute Vulnerabilities method record impact the requests made to Tenable.cs to retrieve asset and vulnerabilities information.