Nessus

Configure the Nessus connector to retrieve VM information from Nessus

Objective

This document describes how to set up the connection with Nessus so that VM information can be retrieved from it.

Upon completion of this procedure, you will be able to provide us with the following information:

  • Server IP
  • Access Key
  • Secret Key

Creating Access Credentials

  1. In the Nessus console, go to Settings > My Account > API Keys.
  2. Click on Generate to create a new API key.
  3. Copy the generated Access Token and Secret Token.


Configuration Steps

1. User Account Verification

  1. Ensure you have a Nessus user account with appropriate permissions
  2. The account should have access to scan results and vulnerability data
  3. Verify that the user can access the API Keys section

2. API Key Generation

  1. Navigate to the My Account section in Settings
  2. Access the API Keys management page
  3. Generate a new API key pair (Access Key + Secret Key)
  4. Securely store both keys for configuration

3. Network Access Setup

  1. Ensure the Nessus server is accessible from your network
  2. Verify that the API endpoints are reachable (typically port 8834)
  3. Test connectivity using the generated credentials

API Capabilities

The Nessus connector will access vulnerability data including:

  • Scan Results: Complete vulnerability scan reports
  • Asset Information: Details about scanned systems and devices
  • Vulnerability Data: CVE information, CVSS scores, and remediation guidance
  • Compliance Reports: Security compliance status and findings

Required Information Summary

To configure the Nessus connector, please provide:

  1. Server IP/URL: The IP address or hostname of your Nessus server
  2. Access Key: The access token generated in the API Keys section
  3. Secret Key: The secret token generated alongside the access key
  4. Port: Custom port if not using standard 8834
  5. Protocol: HTTPS (recommended and typically required)

Caution: Security Requirements

Nessus typically requires HTTPS connections. Ensure your server has valid SSL certificates configured.

Note: Data Integration

The Nessus connector will integrate vulnerability assessment data into your security operations, providing comprehensive visibility into security weaknesses across your infrastructure.


Testing API Access

You can test the API credentials using curl:

curl -k -H "X-ApiKeys: accessKey=YOUR_ACCESS_KEY; secretKey=YOUR_SECRET_KEY" \
     "https://YOUR_SERVER:8834/server/properties"

Troubleshooting

Common Issues

  • SSL Certificate Errors: Use the -k flag only for testing against self-signed certificates (it disables certificate verification), or configure proper certificates
  • Authentication Failed: Verify both access and secret keys are correct
  • Network Unreachable: Check firewall rules and ensure port 8834 is accessible
  • Permission Denied: Ensure the user account has appropriate scan access permissions
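
The curl test and the troubleshooting entries above, combined into one probe (an added example, not part of the original page or vendor code). It verifies the certificate against a CA file instead of using -k and passes the keys through a curl config file; the NESSUS_* variable names, the CA path placeholder and the mapping of HTTP 401/403 and curl exit codes to the entries above are assumptions.

```shell
#!/bin/sh
# Added example: probe the Nessus API with certificate verification enabled
# and without putting the API keys on the command line.

# Write a curl config file carrying the X-ApiKeys header, so the keys never
# appear in curl's argv (visible in `ps`) or in shell history.
write_curl_config() {  # $1=access key  $2=secret key  $3=output file
    ( umask 077
      printf 'header = "X-ApiKeys: accessKey=%s; secretKey=%s"\n' "$1" "$2" > "$3" )
}

# Map curl exit code + HTTP status to the troubleshooting entries on this page.
# Assumed mapping: standard curl exit codes and standard HTTP status semantics.
classify_result() {  # $1=curl exit code  $2=HTTP status
    case "$1" in
        0) ;;                                         # transport OK, check HTTP
        6|7|28) echo "network-unreachable"; return ;; # DNS, connect, timeout
        35|60)  echo "ssl-certificate-error"; return ;;
        *)      echo "curl-error-$1"; return ;;
    esac
    case "$2" in
        200) echo "ok" ;;
        401) echo "authentication-failed" ;;
        403) echo "permission-denied" ;;
        *)   echo "unexpected-http-$2" ;;
    esac
}

# Call the endpoint from the page's curl test and classify the outcome.
probe_nessus() {  # $1=server  $2=port  $3=CA bundle (PEM)  $4=curl config file
    probe_rc=0
    probe_status=$(curl --silent --output /dev/null --write-out '%{http_code}' \
        --max-time 10 --cacert "$3" --config "$4" \
        "https://$1:$2/server/properties") || probe_rc=$?
    classify_result "$probe_rc" "$probe_status"
}

# Runs only when NESSUS_SERVER is set (hypothetical variable names).
if [ -n "${NESSUS_SERVER:-}" ]; then
    cfg=$(mktemp)
    trap 'rm -f "$cfg"' EXIT
    write_curl_config "${NESSUS_ACCESS_KEY:?}" "${NESSUS_SECRET_KEY:?}" "$cfg"
    probe_nessus "$NESSUS_SERVER" "${NESSUS_PORT:-8834}" \
        "${NESSUS_CA:-/path/to/nessus-ca.pem}" "$cfg"
fi
```

For a self-signed Nessus certificate, point NESSUS_CA at an exported copy of that certificate so verification stays on.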

Required Permissions

The Nessus user account should have:

  • Access to view scan results
  • Permission to access vulnerability data
  • API access enabled (if this is a configurable option)

Tip: Performance Considerations

Large Nessus deployments may have extensive vulnerability data. Consider scheduling data synchronization during off-peak hours to minimize impact on system performance.