---
title: Tenable Security Center
aliases: ["/docs/tenable-sc/"]
---
<!-- licenses: community, platform -->

runZero integrates with Tenable Security Center (previously ((Tenable.sc))) by importing data from the Tenable Security Center [API](https://docs.tenable.com/security-center/api/).

## Getting started with Tenable Security Center {#tenablesc-getting-started}

To set up an integration with Tenable Security Center, you'll need to:

1. Create an API key for a user that has access to view and query vulnerabilities in Tenable Security Center.
1. Configure the Tenable Security Center credential in runZero.
1. Choose whether to configure the integration as [a scan probe or connector task](integrations-inbound.md#integration-probe-connector).
1. Activate the integration to pull your data into runZero. 

## Requirements {#tenablesc-requirements}

Before you can set up the Tenable Security Center integration:

* Make sure you have administrator access to the Tenable Security Center portal. 

## Step 1: Create an API key {#tenablesc-step1}

1. Sign in to Tenable Security Center with an Administrator account. 
1. Make sure [API key authentication is enabled](https://docs.tenable.com/security-center/Content/EnableAPIKeys.htm)
1. Go to **Users** > **Users**. 
1. Check the box for the user you want to create an API key for. **Note**: The API key will have the same access as the user you select. Make sure the user has access to view and query vulnerabilities in the desired organization. 
1. At the top of the table, click the **API Keys** > **Generate API Key** option. 
1. Click **Generate** to create the API token, and then download or copy it.

## Step 2: Add the Tenable Security Center credential to runZero {#tenablesc-step2}

1. Go to the [Credentials page](https://console.runzero.com/credentials/new) in runZero. Provide a name for the credentials, like `Tenable Security Center`.
1. Choose **Tenable Security Center Access & Secret** from the list of credential types.
1. Generate your Tenable Security Center API key as directed in [Step 1](#tenablesc-step1), and then provide the following information:
    * **Access key** - Your 64-character Tenable Security Center access key. 
    * **Secret key** - Your 64-character Tenable Security Center secret key.
1. If you want other organizations to be able to use this credential, select the _Make this a global credential_ option. Otherwise, you can configure access on a per-organization basis. 
1. Save the credential. 

You're now ready to set up and activate the connection to bring in data from Tenable Security Center. 

## Step 3: Choose how to configure the Tenable Security Center integration {#tenablesc-step3}
The Tenable Security Center integration can be configured as either a [scan probe or a connector task](integrations-inbound.md#integration-probe-connector). Scan probes gather data from integrations during scan tasks. Connector tasks run independently from either the cloud or one of your Explorers, only performing the integration sync. If you are integrating with an internal Tenable Security Center instance, we recommend setting up a connector to run from one of your explorers. Otherwise, if you are integrating with an external-facing Tenable Security Center instance, you can set up a connector to run from the cloud. If you are self-hosting runZero, you can run the connector from an explorer or from your runZero host, whichever can reach your Tenable Security Center install.

## Step 4: Set up and activate the integration to sync data {#tenablesc-step4}
After you add your credential, you'll need to sync your data from Tenable Security Center.

### Step 4a: Configure the Tenable Security Center integration as a connector task {#tenablesc-step4a}
A connection requires you to specify a schedule which determines when the sync occurs.

1. Activate a connection to [Tenable Security Center](https://console.runzero.com/ingest/tenablesecuritycenter). You can access all available third-party connections from the [integrations page](https://console.runzero.com/integrations), your [inventory](https://console.runzero.com/inventory), or the [tasks page](https://console.runzero.com/tasks). 
1. Choose the credentials you added earlier. If you don't see the credentials listed, make sure the credentials have access to the organization you are currently in. 
1. Configure the _Tenable Security Center query mode_ setting (optional).
    * Select _Define filters_ to define a filter based on [vulnerability severity and risk level](docs/tenable.md/#tenable-scoring).
        **Note**: Much of the host information provided by Tenable is from Info-level plugins, so if you only import higher levels of severity you may not see much information about assets.
    * Select _Use existing query ID_ to provide the Tenable Security Center query to use. 
        **Note**: The query must be the _Vulnerability_ type and use the _Vulnerability Detail List_ tool.
1. Set the **Fingerprint only** toggle to _Yes_ if you want vulnerability records to be ingested for fingerprint analysis but not stored in your runZero vulnerability inventory (optional).
1. Enter a name for the task, like `Tenable Security Center sync` (optional). 
1. Choose the Explorer to perform this connector task from (optional).
1. Choose the site you want to configure the connector for.
1. Enter a description for the task (optional).
1. Schedule the sync. A sync can be set to run on a recurring schedule or run once. The schedule will start on the date and time you have set. 
1. Activate the connection when you are done. The sync will run on the defined schedule. You can always check the [Scheduled tasks](https://console.runzero.com/tasks) to see when the next sync will occur. 

### Step 4b: Configure the Tenable Security Center integration as a scan probe {#tenablesc-step4b}
You can run the Tenable Security Center integration as a scan probe so that the runZero Explorer will pull your vulnerability data into the runZero Console. 

In a new or existing scan configuration:
* Ensure that the _TENABLESECURITYCENTER_ option is set to _Yes_ in the _Probes and SNMP_ tab and change any of the default options if needed.
* Optionally, set the [severity and risk levels](tenable.md/#tenable-scoring) for ingested vulnerability scan results or provide a query ID.
* Set the correct `TenableSecurityCenter` credential to _Yes_ in the _Credentials_ tab.

### Step 5: View Tenable Security Center assets and vulnerabilities {#tenablesc-step5}

After a successful sync, you can [go to your inventory](https://console.runzero.com/inventory) to view your Tenable Security Center assets. These assets will have a Tenable icon listed in the **Source** column.

The Tenable Security Center integration gathers details about vulnerabilities detected in addition to enriching asset inventory data. Go to **Inventory** > [**Vulnerabilities**](https://console.runzero.com/inventory/vulnerabilities) to view the vulnerability data provided by Tenable Security Center.

To filter by Tenable Security Center assets, consider running the following queries:

* [View all Tenable Security Center assets](https://console.runzero.com/inventory?search=source%3Atenablesecuritycenter): 
     ```
     source:tenablesecuritycenter
    ```

* [View all Tenable Security Center vulnerabilities](https://console.runzero.com/inventory/vulnerability?search=source%3Atenablesecuritycenter):
    ```
    source:tenablesecuritycenter
    ```

Click into each asset or vulnerability to see its individual attributes. runZero will show you the attributes gathered from the Tenable Security Center API.