Tenable.io Vulnerability Management

Tenable.io Vulnerability Management is a cloud-based vulnerability management platform built on advanced Nessus Vulnerability Assessment technology by Tenable Network Security. It consolidates and evaluates vulnerability data across your organization, while prioritizing security risks and providing a clear view of your security posture. Built on Nessus technology, Tenable.io discovers unknown assets that can be cataloged as part of your asset inventory.

The integration of Tenable.io with the Archer IT & Security Vulnerabilities Program use case enables customers to leverage the discovered devices and catalog those network devices with the vulnerability library. With Archer, clients can then identify which assets require remediation based on the business priority of that asset.

With the Archer Exchange, the Archer team and our trusted partners have created a broad selection of supplemental, value-added offerings to help you get your unique risk management program on the right path, right from the start. You can leverage the Archer Exchange offerings to expand the use of Archer solutions into new business processes and address specific industry, geographic, regulatory, or technical requirements. The Archer Exchange features a fast and agile development cycle, enabling quick delivery of new and updated offerings for trending issues and connections to innovative technologies.

To learn more, see Tenable.io Vulnerability Management Integration on the Archer Exchange.

Release history

Last updated

Published Date

Summary

2025.04

July 2025

  • Data Feed mapping has been updated for 2025.04 use case updates.

  • Tenable Plugin Data Feed has been enhanced to expedite the Plugins ingestion.

2024.11

April 2025

Initial release available:

  • Archer on-premises clients on Archer Platform version 2024.11 and later

  • Archer SaaS clients

Overview

The Tenable.io Vulnerability Management integration with Archer enables organizations to do the following:

  • Supplement the Vulnerability Library application with plugin content, which includes extensive CVE coverage.

  • Discover and catalog of assets, including unauthorized assets.

  • Capture network vulnerabilities using scanning technologies.

  • Gain quick visibility to assess risk posture on critical infrastructure devices.

  • Validate vulnerabilities inside Archer once scanners no longer detect vulnerabilities.

  • Identify which vulnerabilities with automated prioritization, that combines vulnerability data, threat intelligence and data science.

Prerequisites (ODA and system requirements)

Components

Prerequisites

Archer Solution Area(s)

IT & Security Risk Management

Archer Use Case(s)

  • IT Security Vulnerabilities Program

  • Enterprise Catalog

Archer Applications

  • Devices

  • Vulnerability Library

  • Vulnerability Scan Results

Uses Custom Objects

No

Requires Archer On-Demand Application (ODA) License

This offering requires zero (0) Archer On-Demand Applications.

Archer Requirements

Archer Platform Release 2025.04 and later

Supported Archer Environments

  • Archer SaaS

  • Note: This offering is available only to Archer SaaS clients on Archer Platform Release 2025.04 or later, which has the updates to the Archer IT Security Vulnerabilities Program required for this offering. While a prior version was available for on-premises clients in Archer Platform Release 2024.11, the current offering does not support on-premises environments

Partner/Vendor Requirements

Valid Tenable.io license is required. Additional fees may apply.

Related applications

Application

Use Case

Primary Purpose(s) of the Relationship

Vulnerability Library

IT Securities Vulnerabilities Program (IT Security & Risk Management)

  • The Vulnerability Library application represents a catalog of vulnerability data collected from the National Vulnerabilities Database (NVD)/National Institute of Standards and Technology (NIST).

  • The Vulnerability Library is updated each week or month by data feeds depending on the source.

Vulnerability Scan Results

IT Securities Vulnerabilities Program (IT Security & Risk Management)

  • The Vulnerability Scan Results application stores the issues that result from every new record that is created from the vulnerability scanner such as Device Name, IP, owner, department, description, notes, recommendations and much more.

  • These records will contain the technical recommendation for each scan result and allow for reporting on the total number of issues, regardless of which system detects it.

Vulnerability Reference Lists

IT Securities Vulnerabilities Program (IT Security & Risk Management)

  • The Vulnerability Reference Lists application provides a repository of public vulnerability references collected from the National Vulnerabilities Database (NVD)/National Institute of Standards and Technology (NIST).

  • The application provides a list of entries, each containing a vulnerability identification number, a type, and a public reference for known Cyber Security vulnerabilities.

  • The URL found in the application contains a list of public references detailing information about the vulnerability, such as a description, consequences of the vulnerability, and potential mitigation strategies.

Devices

IT Asset Catalog

  • The Devices application serves as a central repository of knowledge about your business critical devices and their business criticality.

  • It allows organizations to manage devices (for example, servers, desktops, and network devices) and their relationships, to ensure they are being protected according to management expectations.

Impacted use case

The following Archer use case is impacted: IT Securities Vulnerabilities Program

Additional resources

The following additional resources are available for this offering:

Architecture diagram

The following diagram shows the relationships between the applications that make up the Tenable.io Vulnerability Management integration.

A diagram of a software system  AI-generated content may be incorrect.

Security considerations

The information in this publication is provided “as is”. Archer makes no representations or warranties of any kind with respect to the information in this publication and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Client is solely responsible for ensuring that the installation of the application is performed in a secure manner. Archer recommends clients perform a full security evaluation prior to implementation.

Configuring the data feeds

Included data feeds

Tenable.io provides a REST API that allows for the capability to script in interactions directly with the Tenable.io server. With Archer JavaScript Transporter, clients can easily authenticate to the server and make multiple, dependent API calls extracting large amounts of data in a single data feed. 

The following data feeds are provided with this integration:

Data Feed

Description     

Tenable.io Plugins 2025.04

The Tenable.io Plugins Archer 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract all requested plugin definitions. Tenable.io data is imported and leveraged in the Vulnerability Library application.

Tenable.io Assets Generate 2025.04

The Tenable.io Assets Generate 2025.04 feed is a JavaScript Transporter feed that initiates the Tenable.io Assets Export job through the API requests.

Archer offers configurable settings that allow individual clients to define how to uniquely identify devices in their organization.

The feed does not insert or update any records in Archer.

Tenable.io Assets Ingest 2025.04

The Tenable.io Assets Ingest 2025.04 feed utilizes API calls to extract all the asset inventory discovered based on a client’s scanner configuration and implementation set in the Tenable.io Assets Generate 2025.04 feed.

Tenable.io Assets are imported and leveraged in the Devices application.  

Tenable.io Vulnerability Generate 2025.04

The Tenable.io Vulnerability Generate 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract the vulnerabilities detected on each asset.

For data ingestion, Archer offers configurable settings that allow individual clients to filter vulnerabilities.

The feed does not insert/update any records in Archer.

Tenable.io Vulnerability Ingest 2025.04

The Tenable.io Vulnerability Ingest 2025.04 feed utilizes API calls to extract the vulnerabilities detected on each asset based on the configurations set in the Tenable.io Vulnerability Generate 2025.04.

Tenable.io vulnerabilities are imported and leveraged in the Vulnerability Scan Results application.  

Important: You must install all package files before importing data feeds. Package files include the IT Security Vulnerabilities Program use case package, the Enterprise Catalog package, and the Issues Management prerequisite use case package. For more information, see the “Installing the Packages” section of the IT Security Vulnerabilities Program use case in the Archer Online Documentation.

Note: The Tenable.io data feeds are dependent on the Tenable.io API response data volume and their execution might take longer than the session timeout set for the Archer Services Parameter account. The data feed might fail due to 'Invalid session token'. In this case, please increase the session timeout of Archer Service Parameter. See the following article in the Archer Community for details https://www.archerirm.community/s/article/Failure-of-Long-Running-Jobs-for-Data-Imports-or-Content-Deletion-in-Archer.

Data feed import sequence

Import and run the data feeds in the following order:

  1. (Optional) NVD Data Feeds

    Note: For information on setting up the NVD data feeds, see NIST National Vulnerability Database (NVD) Integration.

  2. Tenable.io Plugins 2025.04

  3. Run both Generate data feeds:

    1. Tenable.io Assets Generate 2025.04

    2. Tenable.io Vulnerability Generate 2025.04

  4. Note: The sufficient time gap of ~5 hours has been provided between Tenable.io Assets Generate and Ingest data feeds. If the Assets Generate takes more time than 5 hours to complete due to high volume of Assets data, adjust the time gap between the data feeds accordingly.

  5. Tenable.io Assets Ingest 2025.04

  6. Tenable.io Vulnerability Ingest 2025.04

Note: After setting up the data feeds, you can schedule the feeds to run when you want to. For more information, see the Scheduling Data Feeds section.

Configure the JavaScript Transporter settings

Complete the following steps for Vulnerability Generate and Ingest data feeds.

Update JavaScript Transporter settings

  1. Open the Archer Control Panel.

  2. Go to Instance Management > All Instances.

  3. Select an instance.

  4. On the General tab, go to the JavaScript Transporter section.

  5. In the Max Memory Limit field, set the value to 2048 MB (2 GB).

  6. In the Script Timeout field, set the value to 120 minutes (2 hours).

  7. Require Signature is active by default on install. Signed Certificate Thumbprints are required for all Hosted clients.

    1. In the Signing Certificate Thumbprints section, add a thumbprint for each digitally signed JavaScript file.

      1. In the Signing Certificate Thumbprints section, double-click an empty cell.

      2. Enter the digital thumbprint of the trusted certificate used to sign the JavaScript file.

        Note: For more information on how to obtain digital thumbprints, see "Digital Thumbprints" below.

        Important: If you enable Require Signature and do not specify thumbprints, JavaScript files will not be accepted by the system.

  8. On the toolbar, click Save.

Digital thumbprints

When running JavaScript data feeds, you can set the system to only allow digitally signed JavaScript files from trusted sources for security considerations.

For a certificate to be trusted, all certificates in the chain, including the Root CA Certificate and Intermediate CA certificates, must be trusted on both the Web Server and Services Server machines.

Archer Technologies Security LLC Certificate in the Trusted Root CA Store

By default, the Archer Technologies Security LLC certificate is not present on every machine’s root.

  1. On the JavaScript file, right-click and select Properties.

    1. Click the Digital Signatures tab.

    2. From the Signature List window, select Archer Technologies Security LLC.

    3. Click the Details button.

    4. Click View Certificate.

    5. Click Install Certificate.

    6. Select Local Machine.

    7. Click Next.

    8. Select Place all certificates in the following store, and click Browse.

      1. Select Trusted Root Certification Authorities, and click OK.

      2. Click Next.

      3. Click Finish.

  2. Upon successful import, click OK.

Obtain a certificate thumbprint

  1. On the Web Server and Services Server machines, open the Manage User Certificates program.

    1. From the Windows Start menu, launch certmgr. (Manage User Certificates).

    2. Navigate to Certificates – Local Computer > Trusted Root Certification Authorities > Certificates.

    3. Ensure the following certificates are in the Certificates sub-folder of the Trust Root Certification Authorities folder:

      • Archer Technologies Security LLC.

      • Archer Technologies Security 2048 V3 (Standard certificate).

  2. Verify that the certificate is trusted.

    1. Double-click the Archer Technologies Security LLC certificate.

    2. In the Certificate window, click the Certification Path tab.

    3. Ensure that the Certificate Status window displays the following message: “This certificate is OK.”

      Note: If the Certificate Status window displays a different message, follow the onscreen instructions.

  3. Obtain the trusted certificate thumbprint.

    1. In the Certificate window, click the Details tab.

    2. Scroll to and select the Thumbprint field.

      The certificate's digital thumbprint appears in the window.

    3. Copy the thumbprint.

      Note: For information on adding digital thumbprints, see Step 7a of "Configuring the JavaScript Transporter Settings" above.

Setting up the Tenable.io data feeds

There are five data feeds for Tenable.io integration. The data feeds for Vulnerabilities and Assets have been divided into two sets-

  • Generate: This feed initiates the job execution in Tenable.io. The completion of the Tenable.io job depends on the volume of data.

  • Ingest: This feed ingests the Tenable.io data that was generated based on parameters passed in the Generate phase.

The data feeds ingest Tenable.io data based on the date settings in the Custom parameter that is set to <LastRunTime>.

  • The default setting for the Date parameter is as follows:

    • Tenable.io Plugins 2025.04 Data Feed- last_updated

    • Tenable.io Assets Generate 2025.04 Data Feed-created_at

    • Tenable.io Vulnerability Generate 2025.04 Data Feed- since

In addition to the Date settings, parameters are provided to adjust the volume of data loads. These parameters are set at lowest settings; adjust the parameters to higher values for faster execution of data feed.

Note: While increasing the Custom parameters settings to a higher value, also increase the 'Max Memory Limit' settings in the Archer Control Panel accordingly. The minimum value of the 'Max Memory Limit' setting should be set at 2048 MB.

The following parameters can be used to increase/decrease the data volume per API request.

  • Tenable.io Plugins 2025.04 Data Feed- num_assets

  • Tenable.io Assets Generate 2025.04 Data Feed-chunck_size

  • Tenable.io Vulnerability Generate 2025.04 Data Feed- since

The data feeds execute into two phases: Initial Load and Incremental Load.

  1. Initial Load. This is the phase when the data feeds are imported and run for the first time. Since the LastRunTime is empty the data feeds will pull Tenable.io API data from 01-01-2000. The data volume is high in this phase; hence it is suggested to increase the Archer Service Parameter session timeout to a higher value. Update the LastRunTime token with a custom date if you need data to be pulled from a different date instead of 01-01-2000.

  1. Incremental Phase. After the initial run, the LastRunTime token gets updated with the current date time and subsequent data feeds run only pull the incremental Tenable.io data.

Important: In the event your integration is attempting to extract large amounts data, the execution of the JavaScript code could take multiple hours.  In order to avoid a timeout of the session token, the Archer Services Parameter must be extended. Currently the Archer Services account timeout parameter is set by default to 30 minutes.  In the event the JavaScript code has not completed in the allotted timeframe, the data feed will fail.

Set up the Tenable.io Plugins 2025.04 data feed

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the  JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

  1. Go to the Manage Data Feeds page.

    1. From the menu bar, click Admin menu.

    2. Under Integration, click Data Feeds.

  1. In the Manage Data Feeds section, click Import.

  2. Locate and select the Tenable.io Plugins 2025.04.dfx5 file.

  3. Click Open.

  4. In the General Information section, in the Status field, select Active.

  5. In the Additional Properties section, enable Optimize Calculations.

  6. Click the Transport tab.

  7. In the Transport Configuration section, complete the following:

    1. Click Upload.

    2. From the Upload JavaScript File dialog, click Add New.

    3. Locate and select the signed-TenableIO_1.0.2.js file and click Open.

    4. From the Upload JavaScript File dialog, click OK.

  1. The JavaScript code allows you to pass in different variables through the Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

  2. Key  

    Value  

    Description 

    feedType

    Requires valid value ‘Plugins’

    Default = [empty]

     ‘Plugins’ should be provided for ‘Plugins’ data feed.

    url 

    Requires valid value

    Default=[empty]

     Valid Tenable.io URL

    https://cloud.tenable.com

    accessKey

    Requires valid value

    Default = [empty] 

     Tenable.io Access Key

    secretKey

    Requires valid value

    Default = [empty] 

     Tenable.io Secret Key

    last_updated

    Requires valid value

    Default = <LastRunTime>

    The last updated date to filter on in the YYYY-MM-DD format. Tenable.io Vulnerability Management returns only the plugins that have been updated after the specified date.

    size

    Requires valid value

    Default = 5000

    The number of records to include in the result set. Default is 1,000. The maximum size is 10,000.

    proxy    

    Optional

    Default = [empty]  

    Proxy server URL

    verifyCerts 

    Default = false

    [Configurable value of true / false]

    Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

  1. The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

  2. Key  

    Value  

    Description 

    batchSize

    Default = 1000 (records at a time)

    [Configurable] 

    Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data. 

    socketLimit

    Default = 10

    [Configurable value of 1-25]      

    Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.

    maxRetry

    Default = 1

    [Configurable value of 0-2] 

    Indicates the number of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.

    requestsPerMin

    Default = 60

    [Configurable value]  

    A parameter to allow clients to govern the number of API requests made by Archer to the external integration.

    lastRunTimeOffset 

    Default = -1

    [Configurable value]  

    Ensures no data loss in the scenarios where calculations with Datetime can be a factor.

  1. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

  2. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

  3. The following table describes token values to verify.

    Token

    Value

    LastRunTime

    (Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Online Documentation.

  1. Verify that key field values are not missing from the data feed setup window.

  2. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field

Target Field

DFMKey

DFMKey

Source

Source

ID

ID

Name

Title

Plugin_Type

Tenable Check Type

Synopsis

Abstract
Tenable Synopsis

Description

Description

Solution

Solution

See_Also

Tenable see Also

Plugin_Publication_Date

Tenable Plug In Published Date

Vuln_Publication_Date

TenableVulnerability Published Date

Patch_Publication_Date

Tenable Patch Publish Date

Exploitability_Ease

Tenable Exploit Ease

Exploit_Available

Tenable Exploit Available

Risk_Factor

Tenable Risk Factor

CPE

Tenable CPE Full Configuration Name

Plugin_Modification_Date

Tenable Plug In Modified Date

Plugin_Version

Version

Required_Ports

Tenable Required Ports

Required_UDP_Ports

Tenable Required UDP Ports

Dependencies

Tenable Dependencies

AccessVector

Tenable CVSS v2 Vector

Cvss_Temporal_Score

CVSS v2 Temporal Score
Tenable CVSS v2 Temporal Score

Cvss_Base_Score

CVSS v2 Base Score
Tenable CVSS v2 Base Score

AccessVector

Tenable CVSS v3 Vector

Cvss3_Temporal_Score

CVSS v3 Temporal Score
Tenable CVSS v3 Temporal Score

Cvss3_Base_Score

CVSS v3 Base Score
Tenable CVSS v3 Base Score

Score

Tenable vprScore

TYPE

Vulnerability Reference Lists/Type

url

Vulnerability Reference Lists/url

Attack_Vector

Tenable CVSS v2 Access Vector

Attack_Complexitiy

Tenable CVSS v2 Access Complexity

Authentication

Tenable CVSS v2 Authentication

Confidentiality

Tenable CVSS v2 Impact Confidentiality

Integrity

Tenable CVSS v2 Impact Integrity

Availability

Tenable CVSS v2 Impact Availability

Exploitability

Tenable CVSS v2 Exploitability

Remediation_Level

Tenable CVSS v2 Remediation Level

Report_Confidence

Tenable CVSS v2 Report Confidence

Attack_Vector

Tenable CVSS v3 Attack Vector

Attack_Complexitiy

Tenable CVSS v3 Attack Complexity

Privileges

Tenable CVSS v3 Privileges Required

User_Interaction

Tenable CVSS v3 User Interaction

Scope

Tenable CVSS v3 Scope

Confidentiality_Impact

Tenable CVSS v3 Confidentiality Impact

Integrity_Impact

Tenable CVSS v3 Integrity Impact

Availability_Impact

Tenable CVSS v3 Availability Impact

Exploitability

Tenable CVSS v3 Exploit Code Maturity

Remediation_Level

Tenable CVSS v3 Remediation Level

Report_Confidence

Tenable CVSS v3 Report Confidence

Operating_System_Technology

CPE Operating System Technologies

Application_Technology

CPE Application Technologies

Hardware_Technology

CPE Hardware Technologies

Family_Id

Tenable Family ID

Family_Name

Tenable Family Name

Set up the Tenable.io Assets Generate 2025.04 data feed

The objective of this data feed is to initiate the Export Assets job in Tenable.io using the ‘https://cloud.tenable.com/assets/export’ endpoint. This data feed does not create/update any Archer records. The execution time of the data feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Ingest 2025.04 data feed.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

  1. Go to the Manage Data Feeds page.

    1. From the menu bar, click Admin menu.

    2. Under Integration, click Data Feeds.

  1. In the Manage Data Feeds section, click Import.

  2. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

  3. Click Open.

  4. In the General Information section, in the Status field, select Active.

  5. In the Additional Properties section, enable Optimize Calculations.

  6. Click the Transport tab.

  7. In the Transport Configuration section, complete the following:

    1. Click Upload.

    2. From the Upload JavaScript File dialog, click Add New.

    3. Locate and select the signed-TenableIO_1.0.2.js file and click Open.

    4. From the Upload JavaScript File dialog, click OK.

  1. The JavaScript code allows you to pass in different variables through the Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

  2. Key  

    Value  

    Description 

    feedType

    Requires valid value ‘Assets

    Default = [empty]

     ‘Assets’ should be provided for ‘Assets Generate’ data feed.

    Objective

    Requires valid value ‘Generate’

    Default = [empty]

    ‘Generate’ should be provided for initiating the Assets generation job in Tenable.io

    url 

    Requires valid value

    Default = [empty] 

    Please use the Tenable.io URL:

    https://cloud.tenable.com

    accessKey

    Requires valid value

    Default = [empty] 

     Tenable.io Access Key

    secretKey

    Requires valid value

    Default = [empty] 

     Tenable.io Secret Key

    proxy

    Optional

    Default = [empty]  

    Proxy Server URL

    verifyCerts 

    Default = false

    [Configurable value of true or false]

    Validates the website address matches the address on the certificate, similar to browser level validation.

    chunk_size

    Optional

    Default = ‘1000’  

    Requires an Integer value

    Valid Values: 100 to 10000

    include_open_ports

    Optional

    Values: True/False

    Requires a Boolean value

    created_at

    Requires valid value

    Type: Date

    Default = [empty] 

    Values: <LastRunTime>

    Format- YYYY-MM-DD

    Use <LastRunTime> token for incremental loads.

    first_scan_time

    Optional

    Type: Date

    Default = [empty] 

    Format- YYYY-MM-DD

    last_authenticated_scan_time

    Optional

    Type: Date

    Default = [empty] 

    Format- YYYY-MM-DD

    last_assessed

    Optional

    Type: Date

    Default = [empty] 

    Format- YYYY-MM-DD

    sources

    Optional

    Values: Array of Plugins

    Values should be in Array

    e.g. [102897, 102898]

    updated_at

    Optional

    Type: Date

    Default = [empty] 

    Format- YYYY-MM-DD

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

  1. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

  2. Key 

    Value 

    Description 

    batchSize 

    Default = 1000 (records at a time)

    [Configurable] 

    Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data. 

    socketLimit

    Default = 10

    [Configurable value of 1-25]      

    Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.

    maxRetry

    Default = 1

    [Configurable value of 0-2] 

    Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.

    requestsPerMin

    Default = 60

    [Configurable value]  

    A parameter to allow clients to govern the number of API requests made by Archer to the external integration.

    lastRunTimeOffset 

    Default = -1

    [Configurable value]  

    Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

  1. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

  2. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

  3. The following table describes token values to verify.

    Token

    Value

    LastRunTime

    (Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

  1. Verify that key field values are not missing from the data feed setup window.

  2. Click Save.

Set up the Tenable.io Assets Ingest 2025.04 data feed

The objective of the data feed is to ingest the Tenable assets into Devices application. The Assets extraction job is initiated by the Tenable.io Assets Generate 2025.04 data feed. This data feed must execute after Tenable.io Assets Generate 2025.04 data feed for latest updates.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

  1. Go to the Manage Data Feeds page.

    1. From the menu bar, click Admin menu.

    2. Under Integration, click Data Feeds.

  2. In the Manage Data Feeds section, click Import.

  3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

  4. Click Open.

  5. In the General Information section, in the Status field, select Active.

  6. In the Additional Properties section, enable Optimize Calculations.

  7. Click the Transport tab.

  8. In the Transport Configuration section, complete the following:

    1. Click Upload.

    2. From the Upload JavaScript File dialog, click Add New.

    3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

    4. From the Upload JavaScript File dialog, click OK.

  1. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

  2. Key  

    Value  

    Description 

    feedType

    Requires valid value ‘Assets

    Default = [empty]

     ‘Assets’ should be provided for Assets Ingest data feed.

    Objective

    Requires valid value ‘Ingest’

    Default = [empty]

    ‘Ingest’ should be provided for ingesting Assets into Device application

    url 

    Requires valid value

    Default = [empty] 

    Please use the Tenable.io URL:

    https://cloud.tenable.com

    accessKey

    Requires valid value

    Default = [empty] 

     Tenable.io Access Key

    secretKey

    Requires valid value

    Default = [empty] 

     Tenable.io Secret Key

    proxy

    Optional

    Default = [empty]  

    Proxy Server URL

    verifyCerts 

    Default = false

    [Configurable value of true or false]

    Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

  1. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

  2. Key 

    Value 

    Description 

    batchSize 

    Default = 1000 (records at a time)

    [Configurable] 

    Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data. 

    socketLimit

    Default = 10

    [Configurable value of 1-25]      

    Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.

    maxRetry

    Default = 1

    [Configurable value of 0-2] 

    Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.

    requestsPerMin

    Default = 60

    [Configurable value]  

    A parameter to allow clients to govern the number of API requests made by Archer to the external integration.

    lastRunTimeOffset 

    Default = -1

    [Configurable value]  

    Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

  1. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

  2. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

  3. The following table describes token values to verify.

    Token

    Value

    LastRunTime

    (Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

  1. Verify that key field values are not missing from the data feed setup window.

  2. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field

Target Field

ID

Device Name

Source

Last Updated By

Last_Scan_Time

Last Scan Date Time

Last_Authenticated_Scan_Date

Last Vulnerability Authenticated Scanned Date Time

Serial_Number

Serial Number

Ipv4s

External IPv4 Address

Ipv6s

External IPv6 Address

FQDNS

Domain Name

Mac_Addresses

MAC Address

Netbios_Names

NetBIOS Name

Operating_Systems

Operating System

System_Types

Description

Host_Names

Host Name

Name

Network Name

Operating_System_Technology

Operating System Technologies

Application_Technology

Application Technologies

Hardware_Technology

Hardware Technologies

Set up the Tenable.io Vulnerability Generate 2025.04 data feed

The objective of this data feed is to initiate the Export Vulnerabilities job in Tenable.io using the ‘https://cloud.tenable.com/vulns/export` endpoint. This data feed does not create/update any Archer records. The execution time of the Data Feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Vulnerability 2025.04 data feed.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

  1. Go to the Manage Data Feeds page.

    1. From the menu bar, click .

    2. Under Integration, click Data Feeds.

  2. In the Manage Data Feeds section, click Import.

  3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

  4. Click Open.

  5. In the General Information section, in the Status field, select Active.

  6. In the Additional Properties section, enable Optimize Calculations.

  7. Click the Transport tab.

  8. In the Transport Configuration section, complete the following:

    1. Click Upload.

    2. From the Upload JavaScript File dialog, click Add New.

    3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

    4. From the Upload JavaScript File dialog, click OK.

  1. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

  2. Key  

    Value  

    Description 

    feedType

    Requires valid value ‘Vulnerability’

    Default = [empty]

     ‘Vulnerability’ should be provided for Vulnerability’ Generate data feed.

    Objective

    Requires valid value ‘Generate’

    Default = [empty]

    ‘Generate’ should be provided for initiating the Vulnerability generation job in Tenable.io

    url 

    Requires valid value

    Default = [empty]

    Please use the Tenable.io URL:

    https://cloud.tenable.com

    accessKey

    Requires valid value

    Default = [empty] 

     Tenable.io Access Key

    secretKey

    Requires valid value

    Default = [empty] 

     Tenable.io Secret Key

    proxy

    Optional

    Default = [empty]  

    Proxy Server URL

    verifyCerts 

    Default = false

    [Configurable value of true or false]

    Validates the website address matches the address on the certificate, similar to browser level validation.

    num_assets

    Optional

    Default = 500  

    Requires an Integer value

    50 to 5000

    include_unlicensed

    Optional

    Values: True/False

    Requires a Boolean value

    first_found

    Optional

    Type: Date

    Default = [empty]

    Format- YYYY-MM-DD

    last_found

    Optional

    Type: Date

    Default = [empty]

    Format- YYYY-MM-DD

    since

    Requires valid value

    Type: Date

    Default = [empty]

    Values: <LastRunTime>

    Format- YYYY-MM-DD

    Please use <LastRunTime> token for incremental loads.

    last_fixed

    Optional

    Type: Date

    Default = [empty]

    Format- YYYY-MM-DD

    cve_category

    Optional

    Type: Array

    Default = [empty]

    Requires String values

    exploit_maturity

    Optional

    Type: Array

    Default = [empty]

    Requires String values

    plugin_family

    Optional

    Type: Array

    Default = [empty]

    Requires String values

    plugin_type

    Optional

    Type: Array

    Default = [empty]

    Requires Integers value

    severity

    Optional

    Type: Array

    Default = [empty]

    Requires String values

    state

    Optional

    Type: Array

    Default = [empty]

    Requires String values

    source

    Optional

    Type: Array

    Default = [empty]

    Requires String values

     

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

  1. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

  2. Key 

    Value 

    Description 

    batchSize 

    Default = 1000 (records at a time)

    [Configurable] 

    Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data. 

    socketLimit

    Default = 10

    [Configurable value of 1-25]      

    Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.

    maxRetry

    Default = 1

    [Configurable value of 0-2] 

    Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.

    requestsPerMin

    Default = 60

    [Configurable value]  

    A parameter to allow clients to govern the number of API requests made by Archer to the external integration.

    lastRunTimeOffset 

    Default = -1

    [Configurable value]  

    Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

  1. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

  2. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

  3. The following table describes token values to verify.

    Token

    Value

    LastRunTime

    (Populated by feed)

    For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

  1. Verify that key field values are not missing from the data feed setup window.

  2. Click Save.

Set up the Tenable.io Vulnerability Ingest 2025.04 data feed

The objective of the data feed is to ingest the Tenable vulnerabilities into Vulnerability Scan Results application. The Vulnerability extraction job is initiated by the Tenable.io Vulnerability Generate 2025.04 data feed. This data feed must execute after Tenable.io Vulnerability Generate 2025.04 data feed for latest updates.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

  1. Go to the Manage Data Feeds page.

    1. From the menu bar, click .

    2. Under Integration, click Data Feeds.

  2. In the Manage Data Feeds section, click Import.

  3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

  4. Click Open.

  5. In the General Information section, in the Status field, select Active.

  6. In the Additional Properties section, enable Optimize Calculations.

  7. Click the Transport tab.

  8. In the Transport Configuration section, complete the following:

    1. Click Upload.

    2. From the Upload JavaScript File dialog, click Add New.

    3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

    4. From the Upload JavaScript File dialog, click OK.

  1. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

  2. Key  

    Value  

    Description 

    feedType

    Requires valid value ‘Vulnerability’

    Default = [empty]

     ‘Vulnerability’ should be provided for ‘Vulnerability Ingest’ data feed.

    Objective

    Requires valid value ‘Ingest’

    Default = [empty]

    ‘Ingest’ should be provided for ingesting Vulnerabilities into Vulnerability Scan Results application.

    url 

    Requires valid value

    Default = [empty]

    Please use the Tenable.io URL:

    https://cloud.tenable.com

    accessKey

    Requires valid value

    Default = [empty] 

     Tenable.io Access Key

    secretKey

    Requires valid value

    Default = [empty] 

     Tenable.io Secret Key

    proxy

    Optional

    Default = [empty]  

    Proxy Server URL

    verifyCerts 

    Default = false

    [Configurable value of true or false]

    Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

  1. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

  2. Key 

    Value 

    Description 

    batchSize 

    Default = 1000 (records at a time)

    [Configurable] 

    Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data. 

    socketLimit

    Default = 10

    [Configurable value of 1-25]      

    Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.

    maxRetry

    Default = 1

    [Configurable value of 0-2] 

    Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.

    requestsPerMin

    Default = 60

    [Configurable value]  

    A parameter to allow clients to govern the number of API requests made by Archer to the external integration.

    lastRunTimeOffset 

    Default = -1

    [Configurable value]  

    Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

  1. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

  2. Click the Source Definition tab. Click the Tokens sub-tab.

  3. Verify token values. The following table describes token values to verify.

  4. Token

    Value

    LastRunTime

    (Populated by feed)

    For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

  1. Verify that key field values are not missing from the data feed setup window.

  2. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field

Target Field

Archer_Source

Source

Title

Title

DFMKey

DFMKey

Fqdn

FQDN

Hostname

Hostname

Uuid

Host ID
Impacted Device/Device Name

Ipv4

IPv4

Ipv6

Ipv6

Mac_Address

MAC Address

Netbios_name

NetBIOS Name

Operating_System

Operating System

Network_Id

Network ID

Output

Results

Bid

Tenable Plugin ID

Description

Tenable Plugin Information

Id

Vulnerability Library Details/ID
Vulnerability ID

Modification_Date

Last Date Updated

Score

Priority

CVE

CVE ID

Operating_System_Technology

CPE Operating System Technology

PortNumber

Port Number

Protocal

Protocol

Service

Service

Started_At

Last Device Scan Date

Severity

Severity
Tenable Severity Name

Severity_Id

Tenable Severity ID

First_Found

First Found Date

Last_Found

Last Found Date

Using the Tenable.io data feeds

Scheduling data feeds

Important: A data feed must be active and valid to successfully run.

As you schedule your data feed, the Data Feed Manager validates the information. If any information is invalid, an error message display. You can save the data feed and correct the errors later; but the data feed does not process until you make corrections.

All data feeds are set to run daily by default.

  1. From the menu bar, click  .

  2. Go to the Schedule tab of the data feed that you want to modify.

    1. From the menu bar, click .

    2. Under Integration, click Data Feeds.

    3. Select the data feed.

    4. Click the Schedule tab.

  3. Go to the Recurrences section and complete frequency, start and stop times, and time zone.

The following table describes the fields in the Recurrences section.

Field

Description

Frequency

Specifies the interval in which the data feed runs, for example, Minutely, Hourly, Daily, Weekly, Monthly, or Reference.

  • Minutely. Runs the data feed by the interval set.

For example, if you specify 45 in Every list, the data feed executes every 45 minutes.

  • Hourly. Runs the data feed by the interval set, for example, every hour (1), every other hour (2) and so forth.

  • Daily. Runs the data feed by the interval set, for example, every day (1), every other day (2) and, so forth.

  • Weekly. Runs the data feed based on a specified day of the week, for example, every Monday of the first week (1), every other Monday (2), and so forth.

  • Monthly. Runs the data feed based on a specified week of the month, for example, 1st, 2nd, 3rd, 4th, or Last.

  • Recurrence. Runs a specified data feed as runs before the current one. This option indicates to the Data Feed Service that this data feed starts as soon as the referenced data feed completes successfully. For example, you can select to have a Threats data feed run immediately after your Assets data feed finishes. From the Reference Feed list, select after which existing data feed the current data feed starts.

A reference data feed will not run when immediately running a data feed. The Run Data Feed Now option only runs the current data feed.

Every

Specifies the interval of the frequency in which the data feed runs.

Start Time

Specifies the time the data feed starts running.

Start Date

Specifies the date on which the data feed schedule begins.

Time Zone

Specifies the time zone in of the server that runs the data feed.

  1. (Optional) To override the data feed schedule and immediately run your data feed, in the Run Data Feed Now section, click Start.

  2. Click Save.

Certification environment

Date Tested: July 2025

Product Name

Version Information

Operating System

Archer

2025.04

Virtual Appliance

Tenable.io

NA

NA