Skip to main content

Integrating with Tenable Vulnerability Management – Full Guide

Step-by-step guide to integrating Tenable Vulnerability Management with Hyver.

Updated over 3 months ago

1. Introduction

Tenable Vulnerability Management is a cloud-based platform that helps you stay ahead of security risks by detecting vulnerabilities across all your connected assets. Whether it’s servers, network devices like routers, switches, and firewalls, office peripherals such as IP-based printers, or employee workstations — if it has an IP address, Tenable vulnerability management can assess it.

Note: Tenable Vulnerability Management® was previously known as Tenable.io. Throughout this guide, the terms “Tenable” and “Tenable Vulnerability Management” are used interchangeably — they both refer to the same platform.

File:Tenable, Inc. logo.svg - Wikimedia Commons

By continuously scanning your environment, Tenable vulnerability management gives you a clear picture of your security posture and helps you prioritize the issues that matter most.

To dive deeper into Tenable’s features and capabilities, see the official Tenable Vulnerability Management documentation.

What’s This Guide About?

This guide walks you through integrating Tenable Vulnerability Management with Hyver. Once connected, Hyver can automatically ingest and import assets from your Tenable environment — along with their associated findings — so you can see the full picture of your vulnerabilities in one place. These findings impact your maturity score and Exposure value.

Beyond importing data, Hyver also adds findings related to the integration itself, helping you identify and address issues in configuration and daily operations. This includes checking for common misconfigurations such as incorrect trust settings, improper permissions, or overly broad access levels.

By combining Tenable’s scanning power with Hyver’s risk analysis, you can quickly spot where technical gaps and process issues intersect — and take action to close them.

2. Prerequisites

Before setting up the integration, make sure you have the following in place:

  1. Tenable account credentials – You’ll need valid login details to access the Tenable platform.

  2. Tenable Vulnerability Management API keys – Both the API access key and the API secret key are required to authenticate with the Tenable API.

    • We’ll walk you through generating these keys in the next sections.

    • If you still can’t access the required information after following our steps, please refer to the official Tenable Vulnerability Management documentation for further guidance.

  3. Hyver administrator privileges – Only Hyver admins can add and configure this integration.

Required IP Addresses

For the integration to work smoothly, you may need to allow traffic from Hyver’s servers in your firewall or network configuration. This ensures that Hyver can securely connect to your environment and perform scans without being blocked.

Depending on your region and the type of scan, add the following IP addresses:

  • General IPs:

    • Europe18.198.79.197

    • America52.1.10.176, 35.171.70.87

  • IPs for Azure and AWS Scans:

    • Europe18.158.77.90

    • America34.206.252.13

In most cases, you only need to add the IPs relevant to your region and use case.

Multi-Company Dashboard and Integrations

This section explains how Hyver’s Multi-Company Dashboard works in general, and how integrations behave when used in a Multi-Company setup.

What is the Multi-Company Dashboard?

Hyver’s Multi-Company Dashboard is designed for large enterprises with multiple subsidiaries. It gives you:

  • A centralized view of cybersecurity risk across the entire organization

  • Key metrics like exposure, cost of breach, and maturity scores

  • The ability to switch between subsidiaries and view their individual data

  • Parent admins and power users can view aggregated and subsidiary-level risk, while detailed findings remain visible only to members of the specific subsidiary

  • Data that updates in real time

To enable Multi-Company, contact your CYE Technical Account Manager.

How Integrations Work in Multi-Company

Here’s the important part:

  • Integrations are created only at the subsidiary level

  • Findings from an integration appear only in that subsidiary’s dashboards and reports

  • Parent companies cannot create integrations — they can only view the aggregated results

Best Practices for Combining Integrations with Multi-Company

To get the most out of Multi-Company with integrations, we recommend:

  • Each subsidiary should create its own integration, using credentials that only grant access to data relevant to that subsidiary

  • In some cases, it’s useful to also have a dedicated “General” company, which holds findings that apply to the entire enterprise and cannot be tied to a single subsidiary

  • The parent company then combines these insights and metrics from all subsidiaries and the General company — but remember, integrations cannot be connected directly to the parent company.

3. Configuring on the Tenable Vulnerability Management Side

In this section, we’ll walk through the steps to set up the integration between Tenable Vulnerability Management and Hyver. As part of the process, you’ll also learn how to generate the required API keys in Tenable — so you can enter them into Hyver and complete the connection.

The setup is straightforward and only takes a few steps.

Before Hyver can start creating findings from Tenable data, you’ll need to:

  1. Create the integration in Hyver.

  2. Authenticate with the Tenable Vulnerability Management platform using your API access key and secret key.

Once that’s done, Hyver can securely pull assets and findings from Tenable into your environment.

Follow these steps to connect Tenable Vulnerability Management with Hyver:

Create Your API Keys in Tenable

To generate the API Access Key and API Secret Key in Tenable:

  1. Log in to the Tenable platform.

  2. Go to Access ControlUsers tab.

  3. If you don’t already have a user for the integration, create a new one. In the Create User panel:

    • Set the Role to Basic User (choose from the dropdown):

    • Enable the API Key toggle:

  4. Under Permissions:

    • In the Name column, ensure Can View and Can Scan appear.

    • In the Objects column, select All assets (or the specific assets you want included in the integration).

    • Click Save if you make changes.

  5. Open the newly created (or selected) user’s details. Scroll to the API Keys section.

  6. Click the More button under the section title:

  7. Click Generate API Keys:

    • A warning box will appear — click Replace & Generate:

    • After a short load, you’ll see your Access Key and Secret Key:

  8. Copy both keys — you’ll paste them into Hyver in the next step:

4. Configuring in Hyver

Start the Integration in Hyver

  1. Go to Integrations and Workflows in Hyver.

  2. Scroll down and find the Tenable VM integration card.

  3. Click Add.

  • A setup card will appear where you’ll enter the integration name and your Tenable API credentials (which you created in the previous steps):

  • Click Verify Connection. If successful, you’ll see a green confirmation message.

  • Then Click Save (bottom-right corner).

Troubleshooting

If the connection test fails:

  • Double-check your network connectivity.

  • Verify your credentials are correct and have the required permissions.

  • Try again.

Integration Errors

When configuring this integration, keep the following in mind:

  • If you encounter an invalid authentication error after a successful setup, it may be due to changes made since the integration was first configured.

  • Review any recent changes to credentials, permissions, or API keys, and update the integration details in Hyver if needed.

5. Viewing Results

What Happens After a Successful Integration?

Once the connection is set up, Hyver automatically creates a new technology asset with the following mandatory details:

  • Asset type: VM (Vulnerability Management)

  • Technology name: Tenable Vulnerability Management

  • Engagement: Integration with external tools

This new asset is also automatically mapped to the NIST Cybersecurity Framework (CSF).

In Hyver, technologies represent security tools and systems that can strengthen your organization’s maturity in specific NIST CSF subcategories. They’re factored directly into maturity level calculations, helping you measure how much each tool contributes to improving your cybersecurity posture.

Post-Save Outcomes

Once you save the integration details, here’s what happens automatically:

  1. Findings and remediation assets are populated in Hyver.

  2. An engagement named Integrations with external tools is created.

    • If the engagement already exists, the Tenable Vulnerability Management integration is simply added to it.

  3. On the Integrations page, you’ll now see your Tenable Vulnerability Management integration listed with a Connected status.

Findings and Assets Visibility

  • Findings Page – Any findings imported from Tenable will appear here.

    • To view only findings from Tenable:

      1. Click the small arrow on the Filter tab (on the right side of the screen).

      2. Select Sources.

      3. Filter the view by Tenable.

  • Engagement View

    • Open the Integrations with external tools engagement:

    • Click View engagement assets to confirm that the Tenable Vulnerability Management integration has been added as a technology asset:

Collected Endpoints

Collected endpoints are the specific data sources that Hyver connects to within an external platform. They define which information is pulled into Hyver for analysis and risk assessment.

For the Tenable Vulnerability Management integration, Hyver collects data from the following endpoints:

  • Assets – All networked devices and systems (servers, workstations, printers, etc.) that Tenable tracks.

  • Vulnerabilities – Security weaknesses and exposures identified during Tenable scans.

  • Scans – Details of vulnerability scans run in Tenable, including schedules and results.

  • Users – Accounts and permissions configured in Tenable, which help validate secure setup and usage.

By collecting this information, Hyver can connect Tenable’s technical findings with its own risk modeling, ensuring both vulnerabilities and the way Tenable is managed are reflected in your organization’s cyber risk picture.

6. Types of Fetched Entities

Tenable Vulnerability Management Findings

When Tenable Vulnerability Management is integrated with Hyver, the following types of findings may be created:

  • Configuration-based insights – Issues related to how Tenable is set up and managed.

  • Usage-based insights – Issues observed during ongoing use of the Tenable Vulnerability Management platform.

All Tenable findings in Hyver are linked to NIST subcategories and contribute to the Hyver Maturity assessment.

Examples of Tenable Findings in Hyver

Once the integration is successfully set up, Hyver automatically examines the configuration and setup of your Tenable VM instance. If it detects misconfigurations or gaps in the way Tenable is being used, Hyver generates findings to highlight these issues:

  • Unused Tenable Users – Users configured in the system have not been active for a significant period.

  • Tenable VM Scans Fail to Complete – Scans conducted in the past 7 days failed during execution.

  • Tenable VM Scans Are Not Conducted Regularly – No scan has been run in the past 30 days.

  • Weak Authentication Mechanism for Tenable Users – Multi-factor authentication is not enforced for Tenable users when accessing the environment.

  • Tenable VM Scans Are Not Following Best Practices – Important scan options are not being used, which may result in incomplete findings.

  • Insufficient Handling of Tenable VM Vulnerabilities – Serious vulnerabilities detected by Tenable have not been addressed over an extended period.

  • Tenable VM Scans Executed Only in Safe Checks Mode – In the past 30 days, scans were run in Safe Checks mode, which may return incomplete results.

  • Tenable VM Hosts Not Scanned for a Significant Period – Hosts have not been scanned for at least 30 days.

Maturity View

In the Maturity screen, you’ll see:

  • Tenable Vulnerability Management listed as a technology asset linked to the relevant NIST subcategory.

  • This asset starts with a default maturity level of 3.

  • Linked findings appear with their assigned maturity levels, showing exactly how they contribute to your cybersecurity posture.

7. Deleting the Integration

Deleting the Integration

To remove an existing integration:

  1. Click Delete Integration.

  2. Confirm that you want to delete the integration.

Note: When you delete an integration in Hyver, the connection is immediately terminated. No new data from that integration will be ingested or processed. However, any existing data already in Hyver remains available.

Editing the Integration

Once an integration is set up, you can update its details at any time:

  1. Click Edit Integration.

  2. Make your changes.

  3. Click Save.

Wrap-up

In this article, we covered how to integrate Tenable Vulnerability Management with Hyver — from prerequisites and API key creation to completing the setup and verifying the connection. We reviewed post-save outcomes, where to view findings, the maturity impact, and examples of Tenable findings. We also explained how to edit or delete the integration and troubleshoot common errors, helping you connect the platforms for better visibility and cyber risk management.

Related Articles
Integrating with WIZ – Full Guide
Integrating with Qualys VMDR – Full Guide
Integrating with Rapid7 InsightVM – Full Guide
Integrating with Crowdstrike Falcon – Full Guide
Integrating with SentinelOne – Full Guide
Did this answer your question?