Impelix IMPACT Integration
with Tenable
The Impelix IMPACT platform ingests telemetry from your all your security products as well as third-party feeds (threat intelligence, cybersecurity risk, business resilience intelligence, etc.) and delivers event correlation, security control efficacy, and compliance monitoring.
We believe that the more data ingested into IMPACT, the more context you will have regarding security incidents, which will allow effective and efficient incident response and compliance management. Therefore, we encourage and facilitate connecting vendor products telemetry with Impelix IMPACT platform.
Tenable
Connecting to Tenable.io
IN TENABLE CONSOLE
To generate API keys for your own account in the new interface:
- Do one of the following:
- In the upper-left corner, click the button. The left navigation plane appears.
- In the left navigation plane, click Settings. The Settings page appears.
- Click the My Account tile. The My Account page appears.
- In the upper-left corner, click the button. The left navigation plane appears.
-
In the upper-right corner, click the button. The user account menu appears.
- Click My Account. The My Account page appears.
- Click the API Keys tab. The API Keys section appears.
-
Click Generate. The Generate API Keys window appears with a warning.
- Caution: Any existing API keys are replaced when you click the Generate button. You must update the applications where the previous API keys were used.
- Review the warning and click Generate.Tenable.io generates new access and secret keys and displays the new keys in the Custom API Keys section of the page.
- Copy the new access and secret keys to a safe location.
- Caution: Be sure to copy the access and secret keys before you close the API Keys tab. After you close this tab, you cannot retrieve the keys from Tenable.io.
NOTE: Be sure API Key is for Tenable Vulnerability Management.
Impelix IMPACT Configuration
- Go to Admin > SOAR > Tenable Platform > Config
- Click the checkbox for Enable the Tenable Platform API
- Server: https://cloud.tenable.com
- Paste the Access Key and Secret Key
- Click the disk icon (Save)
- Click Jobs and go to Artifacts from Tenable Vuln Mgmt
- Select Triggers, expanding Manual Trigger and Interval Trigger
- Toggle both to State: ENABLED
- The Interval Trigger is set to 2 hours by default, but you can update it to what best suits your organization. (Recommended: 10 minutes)
- Click the disk icon (Save)