Tenable.io Vulnerability Management

Tenable.io Vulnerability Management is a cloud-based vulnerability management platform built on advanced Nessus Vulnerability Assessment technology by Tenable Network Security. It consolidates and evaluates vulnerability data across your organization, while prioritizing security risks and providing a clear view of your security posture. Built on Nessus technology, Tenable.io discovers unknown assets that can be cataloged as part of your asset inventory.

The integration of Tenable.io with the Archer IT & Security Vulnerabilities Program use case enables customers to leverage the discovered devices and catalog those network devices with the vulnerability library. With Archer, clients can then identify which assets require remediation based on the business priority of that asset.

With the Archer Exchange, the Archer team and our trusted partners have created a broad selection of supplemental, value-added offerings to help you get your unique risk management program on the right path, right from the start. You can leverage the Archer Exchange offerings to expand the use of Archer solutions into new business processes and address specific industry, geographic, regulatory, or technical requirements. The Archer Exchange features a fast and agile development cycle, enabling quick delivery of new and updated offerings for trending issues and connections to innovative technologies.

To learn more, see Tenable.io Vulnerability Management Integration on the Archer Exchange.

Release history

Last updated	Published Date	Summary
2025.04	July 2025	Data Feed mapping has been updated for 2025.04 use case updates. Tenable Plugin Data Feed has been enhanced to expedite the Plugins ingestion.
2024.11	April 2025	Initial release available: Archer on-premises clients on Archer Platform version 2024.11 and later Archer SaaS clients

Overview

The Tenable.io Vulnerability Management integration with Archer enables organizations to do the following:

• Supplement the Vulnerability Library application with plugin content, which includes extensive CVE coverage.

• Discover and catalog of assets, including unauthorized assets.

• Capture network vulnerabilities using scanning technologies.

• Gain quick visibility to assess risk posture on critical infrastructure devices.

• Validate vulnerabilities inside Archer once scanners no longer detect vulnerabilities.

• Identify which vulnerabilities with automated prioritization, that combines vulnerability data, threat intelligence and data science.

Prerequisites (ODA and system requirements)

Components	Prerequisites
Archer Solution Area(s)	IT & Security Risk Management
Archer Use Case(s)	IT Security Vulnerabilities Program Enterprise Catalog
Archer Applications	Devices Vulnerability Library Vulnerability Scan Results
Uses Custom Objects	No
Requires Archer On-Demand Application (ODA) License	This offering requires zero (0) Archer On-Demand Applications.
Archer Requirements	Archer Platform Release 2025.04 and later
Supported Archer Environments	Archer SaaS Note: This offering is available only to Archer SaaS clients on Archer Platform Release 2025.04 or later, which has the updates to the Archer IT Security Vulnerabilities Program required for this offering. While a prior version was available for on-premises clients in Archer Platform Release 2024.11, the current offering does not support on-premises environments
Partner/Vendor Requirements	Valid Tenable.io license is required. Additional fees may apply.

Related applications

Application	Use Case	Primary Purpose(s) of the Relationship
Vulnerability Library	IT Securities Vulnerabilities Program (IT Security & Risk Management)	The Vulnerability Library application represents a catalog of vulnerability data collected from the National Vulnerabilities Database (NVD)/National Institute of Standards and Technology (NIST). The Vulnerability Library is updated each week or month by data feeds depending on the source.
Vulnerability Scan Results	IT Securities Vulnerabilities Program (IT Security & Risk Management)	The Vulnerability Scan Results application stores the issues that result from every new record that is created from the vulnerability scanner such as Device Name, IP, owner, department, description, notes, recommendations and much more. These records will contain the technical recommendation for each scan result and allow for reporting on the total number of issues, regardless of which system detects it.
Vulnerability Reference Lists	IT Securities Vulnerabilities Program (IT Security & Risk Management)	The Vulnerability Reference Lists application provides a repository of public vulnerability references collected from the National Vulnerabilities Database (NVD)/National Institute of Standards and Technology (NIST). The application provides a list of entries, each containing a vulnerability identification number, a type, and a public reference for known Cyber Security vulnerabilities. The URL found in the application contains a list of public references detailing information about the vulnerability, such as a description, consequences of the vulnerability, and potential mitigation strategies.
Devices	IT Asset Catalog	The Devices application serves as a central repository of knowledge about your business critical devices and their business criticality. It allows organizations to manage devices (for example, servers, desktops, and network devices) and their relationships, to ensure they are being protected according to management expectations.

Impacted use case

The following Archer use case is impacted: IT Securities Vulnerabilities Program

Additional resources

The following additional resources are available for this offering:

• https://developer.tenable.com/reference/navigate

Architecture diagram

The following diagram shows the relationships between the applications that make up the Tenable.io Vulnerability Management integration.

Security considerations

The information in this publication is provided “as is”. Archer makes no representations or warranties of any kind with respect to the information in this publication and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Client is solely responsible for ensuring that the installation of the application is performed in a secure manner. Archer recommends clients perform a full security evaluation prior to implementation.

Configuring the data feeds

Included data feeds

Tenable.io provides a REST API that allows for the capability to script in interactions directly with the Tenable.io server. With Archer JavaScript Transporter, clients can easily authenticate to the server and make multiple, dependent API calls extracting large amounts of data in a single data feed. 

The following data feeds are provided with this integration:

Data Feed	Description
Tenable.io Plugins 2025.04	The Tenable.io Plugins Archer 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract all requested plugin definitions. Tenable.io data is imported and leveraged in the Vulnerability Library application.
Tenable.io Assets Generate 2025.04	The Tenable.io Assets Generate 2025.04 feed is a JavaScript Transporter feed that initiates the Tenable.io Assets Export job through the API requests. Archer offers configurable settings that allow individual clients to define how to uniquely identify devices in their organization. The feed does not insert or update any records in Archer.
Tenable.io Assets Ingest 2025.04	The Tenable.io Assets Ingest 2025.04 feed utilizes API calls to extract all the asset inventory discovered based on a client’s scanner configuration and implementation set in the Tenable.io Assets Generate 2025.04 feed. Tenable.io Assets are imported and leveraged in the Devices application.
Tenable.io Vulnerability Generate 2025.04	The Tenable.io Vulnerability Generate 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract the vulnerabilities detected on each asset. For data ingestion, Archer offers configurable settings that allow individual clients to filter vulnerabilities. The feed does not insert/update any records in Archer.
Tenable.io Vulnerability Ingest 2025.04	The Tenable.io Vulnerability Ingest 2025.04 feed utilizes API calls to extract the vulnerabilities detected on each asset based on the configurations set in the Tenable.io Vulnerability Generate 2025.04. Tenable.io vulnerabilities are imported and leveraged in the Vulnerability Scan Results application.

Important: You must install all package files before importing data feeds. Package files include the IT Security Vulnerabilities Program use case package, the Enterprise Catalog package, and the Issues Management prerequisite use case package. For more information, see the “Installing the Packages” section of the IT Security Vulnerabilities Program use case in the Archer Online Documentation.

Note: The Tenable.io data feeds are dependent on the Tenable.io API response data volume and their execution might take longer than the session timeout set for the Archer Services Parameter account. The data feed might fail due to 'Invalid session token'. In this case, please increase the session timeout of Archer Service Parameter. See the following article in the Archer Community for details https://www.archerirm.community/s/article/Failure-of-Long-Running-Jobs-for-Data-Imports-or-Content-Deletion-in-Archer.

Data feed import sequence

Import and run the data feeds in the following order:

1. (Optional) NVD Data Feeds

   Note: For information on setting up the NVD data feeds, see NIST National Vulnerability Database (NVD) Integration.

2. Tenable.io Plugins 2025.04

3. Run both Generate data feeds:

   1. Tenable.io Assets Generate 2025.04

   2. Tenable.io Vulnerability Generate 2025.04

4. Note: The sufficient time gap of ~5 hours has been provided between Tenable.io Assets Generate and Ingest data feeds. If the Assets Generate takes more time than 5 hours to complete due to high volume of Assets data, adjust the time gap between the data feeds accordingly.

5. Tenable.io Assets Ingest 2025.04

6. Tenable.io Vulnerability Ingest 2025.04

Note: After setting up the data feeds, you can schedule the feeds to run when you want to. For more information, see the Scheduling Data Feeds section.

Configure the JavaScript Transporter settings

Complete the following steps for Vulnerability Generate and Ingest data feeds.

Update JavaScript Transporter settings

1. Open the Archer Control Panel.

2. Go to Instance Management > All Instances.

3. Select an instance.

4. On the General tab, go to the JavaScript Transporter section.

5. In the Max Memory Limit field, set the value to 2048 MB (2 GB).

6. In the Script Timeout field, set the value to 120 minutes (2 hours).

7. Require Signature is active by default on install. Signed Certificate Thumbprints are required for all Hosted clients.

   1. In the Signing Certificate Thumbprints section, add a thumbprint for each digitally signed JavaScript file.

      1. In the Signing Certificate Thumbprints section, double-click an empty cell.

      2. Enter the digital thumbprint of the trusted certificate used to sign the JavaScript file.

         Note: For more information on how to obtain digital thumbprints, see "Digital Thumbprints" below.

         Important: If you enable Require Signature and do not specify thumbprints, JavaScript files will not be accepted by the system.

8. On the toolbar, click Save.

Digital thumbprints

When running JavaScript data feeds, you can set the system to only allow digitally signed JavaScript files from trusted sources for security considerations.

For a certificate to be trusted, all certificates in the chain, including the Root CA Certificate and Intermediate CA certificates, must be trusted on both the Web Server and Services Server machines.

Archer Technologies Security LLC Certificate in the Trusted Root CA Store

By default, the Archer Technologies Security LLC certificate is not present on every machine’s root.

1. On the JavaScript file, right-click and select Properties.

   1. Click the Digital Signatures tab.

   2. From the Signature List window, select Archer Technologies Security LLC.

   3. Click the Details button.

   4. Click View Certificate.

   5. Click Install Certificate.

   6. Select Local Machine.

   7. Click Next.

   8. Select Place all certificates in the following store, and click Browse.

      1. Select Trusted Root Certification Authorities, and click OK.

      2. Click Next.

      3. Click Finish.

2. Upon successful import, click OK.

Obtain a certificate thumbprint

1. On the Web Server and Services Server machines, open the Manage User Certificates program.

   1. From the Windows Start menu, launch certmgr. (Manage User Certificates).

   2. Navigate to Certificates – Local Computer > Trusted Root Certification Authorities > Certificates.

   3. Ensure the following certificates are in the Certificates sub-folder of the Trust Root Certification Authorities folder:

      • Archer Technologies Security LLC.

      • Archer Technologies Security 2048 V3 (Standard certificate).

2. Verify that the certificate is trusted.

   1. Double-click the Archer Technologies Security LLC certificate.

   2. In the Certificate window, click the Certification Path tab.

   3. Ensure that the Certificate Status window displays the following message: “This certificate is OK.”

      Note: If the Certificate Status window displays a different message, follow the onscreen instructions.

3. Obtain the trusted certificate thumbprint.

   1. In the Certificate window, click the Details tab.

   2. Scroll to and select the Thumbprint field.

      The certificate's digital thumbprint appears in the window.

   3. Copy the thumbprint.

      Note: For information on adding digital thumbprints, see Step 7a of "Configuring the JavaScript Transporter Settings" above.

Setting up the Tenable.io data feeds

There are five data feeds for Tenable.io integration. The data feeds for Vulnerabilities and Assets have been divided into two sets-

• Generate: This feed initiates the job execution in Tenable.io. The completion of the Tenable.io job depends on the volume of data.

• Ingest: This feed ingests the Tenable.io data that was generated based on parameters passed in the Generate phase.

The data feeds ingest Tenable.io data based on the date settings in the Custom parameter that is set to <LastRunTime>.

• The default setting for the Date parameter is as follows:

  • Tenable.io Plugins 2025.04 Data Feed- last_updated

  • Tenable.io Assets Generate 2025.04 Data Feed-created_at

  • Tenable.io Vulnerability Generate 2025.04 Data Feed- since

In addition to the Date settings, parameters are provided to adjust the volume of data loads. These parameters are set at lowest settings; adjust the parameters to higher values for faster execution of data feed.

Note: While increasing the Custom parameters settings to a higher value, also increase the 'Max Memory Limit' settings in the Archer Control Panel accordingly. The minimum value of the 'Max Memory Limit' setting should be set at 2048 MB.

The following parameters can be used to increase/decrease the data volume per API request.

• Tenable.io Plugins 2025.04 Data Feed- num_assets

• Tenable.io Assets Generate 2025.04 Data Feed-chunck_size

• Tenable.io Vulnerability Generate 2025.04 Data Feed- since

The data feeds execute into two phases: Initial Load and Incremental Load.

1. Initial Load. This is the phase when the data feeds are imported and run for the first time. Since the LastRunTime is empty the data feeds will pull Tenable.io API data from 01-01-2000. The data volume is high in this phase; hence it is suggested to increase the Archer Service Parameter session timeout to a higher value. Update the LastRunTime token with a custom date if you need data to be pulled from a different date instead of 01-01-2000.

2. Incremental Phase. After the initial run, the LastRunTime token gets updated with the current date time and subsequent data feeds run only pull the incremental Tenable.io data.

Important: In the event your integration is attempting to extract large amounts data, the execution of the JavaScript code could take multiple hours.  In order to avoid a timeout of the session token, the Archer Services Parameter must be extended. Currently the Archer Services account timeout parameter is set by default to 30 minutes.  In the event the JavaScript code has not completed in the allotted timeframe, the data feed will fail.

Set up the Tenable.io Plugins 2025.04 data feed

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the  JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

1. Go to the Manage Data Feeds page.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

2. In the Manage Data Feeds section, click Import.

3. Locate and select the Tenable.io Plugins 2025.04.dfx5 file.

4. Click Open.

5. In the General Information section, in the Status field, select Active.

6. In the Additional Properties section, enable Optimize Calculations.

7. Click the Transport tab.

8. In the Transport Configuration section, complete the following:

   1. Click Upload.

   2. From the Upload JavaScript File dialog, click Add New.

   3. Locate and select the signed-TenableIO_1.0.2.js file and click Open.

   4. From the Upload JavaScript File dialog, click OK.

9. The JavaScript code allows you to pass in different variables through the Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

10. Key	Value	Description
    feedType	Requires valid value ‘Plugins’ Default = [empty]	‘Plugins’ should be provided for ‘Plugins’ data feed.
    url	Requires valid value Default=[empty]	Valid Tenable.io URL https://cloud.tenable.com
    accessKey	Requires valid value Default = [empty]	Tenable.io Access Key
    secretKey	Requires valid value Default = [empty]	Tenable.io Secret Key
    last_updated	Requires valid value Default = <LastRunTime>	The last updated date to filter on in the YYYY-MM-DD format. Tenable.io Vulnerability Management returns only the plugins that have been updated after the specified date.
    size	Requires valid value Default = 5000	The number of records to include in the result set. Default is 1,000. The maximum size is 10,000.
    proxy	Optional Default = [empty]	Proxy server URL
    verifyCerts	Default = false [Configurable value of true / false]	Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

10. The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

11. Key	Value	Description
    batchSize	Default = 1000 (records at a time) [Configurable]	Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
    socketLimit	Default = 10 [Configurable value of 1-25]	Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
    maxRetry	Default = 1 [Configurable value of 0-2]	Indicates the number of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
    requestsPerMin	Default = 60 [Configurable value]	A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
    lastRunTimeOffset	Default = -1 [Configurable value]	Ensures no data loss in the scenarios where calculations with Datetime can be a factor.

11. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

12. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

13. The following table describes token values to verify.

    Token	Value
    LastRunTime	(Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Online Documentation.

13. Verify that key field values are not missing from the data feed setup window.

14. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field	Target Field
DFMKey	DFMKey
Source	Source
ID	ID
Name	Title
Plugin_Type	Tenable Check Type
Synopsis	Abstract Tenable Synopsis
Description	Description
Solution	Solution
See_Also	Tenable see Also
Plugin_Publication_Date	Tenable Plug In Published Date
Vuln_Publication_Date	TenableVulnerability Published Date
Patch_Publication_Date	Tenable Patch Publish Date
Exploitability_Ease	Tenable Exploit Ease
Exploit_Available	Tenable Exploit Available
Risk_Factor	Tenable Risk Factor
CPE	Tenable CPE Full Configuration Name
Plugin_Modification_Date	Tenable Plug In Modified Date
Plugin_Version	Version
Required_Ports	Tenable Required Ports
Required_UDP_Ports	Tenable Required UDP Ports
Dependencies	Tenable Dependencies
AccessVector	Tenable CVSS v2 Vector
Cvss_Temporal_Score	CVSS v2 Temporal Score Tenable CVSS v2 Temporal Score
Cvss_Base_Score	CVSS v2 Base Score Tenable CVSS v2 Base Score
AccessVector	Tenable CVSS v3 Vector
Cvss3_Temporal_Score	CVSS v3 Temporal Score Tenable CVSS v3 Temporal Score
Cvss3_Base_Score	CVSS v3 Base Score Tenable CVSS v3 Base Score
Score	Tenable vprScore
TYPE	Vulnerability Reference Lists/Type
url	Vulnerability Reference Lists/url
Attack_Vector	Tenable CVSS v2 Access Vector
Attack_Complexitiy	Tenable CVSS v2 Access Complexity
Authentication	Tenable CVSS v2 Authentication
Confidentiality	Tenable CVSS v2 Impact Confidentiality
Integrity	Tenable CVSS v2 Impact Integrity
Availability	Tenable CVSS v2 Impact Availability
Exploitability	Tenable CVSS v2 Exploitability
Remediation_Level	Tenable CVSS v2 Remediation Level
Report_Confidence	Tenable CVSS v2 Report Confidence
Attack_Vector	Tenable CVSS v3 Attack Vector
Attack_Complexitiy	Tenable CVSS v3 Attack Complexity
Privileges	Tenable CVSS v3 Privileges Required
User_Interaction	Tenable CVSS v3 User Interaction
Scope	Tenable CVSS v3 Scope
Confidentiality_Impact	Tenable CVSS v3 Confidentiality Impact
Integrity_Impact	Tenable CVSS v3 Integrity Impact
Availability_Impact	Tenable CVSS v3 Availability Impact
Exploitability	Tenable CVSS v3 Exploit Code Maturity
Remediation_Level	Tenable CVSS v3 Remediation Level
Report_Confidence	Tenable CVSS v3 Report Confidence
Operating_System_Technology	CPE Operating System Technologies
Application_Technology	CPE Application Technologies
Hardware_Technology	CPE Hardware Technologies
Family_Id	Tenable Family ID
Family_Name	Tenable Family Name

Set up the Tenable.io Assets Generate 2025.04 data feed

The objective of this data feed is to initiate the Export Assets job in Tenable.io using the ‘https://cloud.tenable.com/assets/export’ endpoint. This data feed does not create/update any Archer records. The execution time of the data feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Ingest 2025.04 data feed.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

1. Go to the Manage Data Feeds page.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

2. In the Manage Data Feeds section, click Import.

3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

4. Click Open.

5. In the General Information section, in the Status field, select Active.

6. In the Additional Properties section, enable Optimize Calculations.

7. Click the Transport tab.

8. In the Transport Configuration section, complete the following:

   1. Click Upload.

   2. From the Upload JavaScript File dialog, click Add New.

   3. Locate and select the signed-TenableIO_1.0.2.js file and click Open.

   4. From the Upload JavaScript File dialog, click OK.

9. The JavaScript code allows you to pass in different variables through the Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

10. Key	Value	Description
    feedType	Requires valid value ‘Assets Default = [empty]	‘Assets’ should be provided for ‘Assets Generate’ data feed.
    Objective	Requires valid value ‘Generate’ Default = [empty]	‘Generate’ should be provided for initiating the Assets generation job in Tenable.io
    url	Requires valid value Default = [empty]	Please use the Tenable.io URL: https://cloud.tenable.com
    accessKey	Requires valid value Default = [empty]	Tenable.io Access Key
    secretKey	Requires valid value Default = [empty]	Tenable.io Secret Key
    proxy	Optional Default = [empty]	Proxy Server URL
    verifyCerts	Default = false [Configurable value of true or false]	Validates the website address matches the address on the certificate, similar to browser level validation.
    chunk_size	Optional Default = ‘1000’	Requires an Integer value Valid Values: 100 to 10000
    include_open_ports	Optional Values: True/False	Requires a Boolean value
    created_at	Requires valid value Type: Date Default = [empty]  Values: <LastRunTime>	Format- YYYY-MM-DD Use <LastRunTime> token for incremental loads.
    first_scan_time	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    last_authenticated_scan_time	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    last_assessed	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    sources	Optional Values: Array of Plugins	Values should be in Array e.g. [102897, 102898]
    updated_at	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

10. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

11. Key	Value	Description
    batchSize	Default = 1000 (records at a time) [Configurable]	Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data.
    socketLimit	Default = 10 [Configurable value of 1-25]	Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
    maxRetry	Default = 1 [Configurable value of 0-2]	Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
    requestsPerMin	Default = 60 [Configurable value]	A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
    lastRunTimeOffset	Default = -1 [Configurable value]	Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

11. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

12. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

13. The following table describes token values to verify.

    Token	Value
    LastRunTime	(Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

13. Verify that key field values are not missing from the data feed setup window.

14. Click Save.

Set up the Tenable.io Assets Ingest 2025.04 data feed

The objective of the data feed is to ingest the Tenable assets into Devices application. The Assets extraction job is initiated by the Tenable.io Assets Generate 2025.04 data feed. This data feed must execute after Tenable.io Assets Generate 2025.04 data feed for latest updates.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

1. Go to the Manage Data Feeds page.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

2. In the Manage Data Feeds section, click Import.

3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

4. Click Open.

5. In the General Information section, in the Status field, select Active.

6. In the Additional Properties section, enable Optimize Calculations.

7. Click the Transport tab.

8. In the Transport Configuration section, complete the following:

   1. Click Upload.

   2. From the Upload JavaScript File dialog, click Add New.

   3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

   4. From the Upload JavaScript File dialog, click OK.

9. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

10. Key	Value	Description
    feedType	Requires valid value ‘Assets Default = [empty]	‘Assets’ should be provided for Assets Ingest data feed.
    Objective	Requires valid value ‘Ingest’ Default = [empty]	‘Ingest’ should be provided for ingesting Assets into Device application
    url	Requires valid value Default = [empty]	Please use the Tenable.io URL: https://cloud.tenable.com
    accessKey	Requires valid value Default = [empty]	Tenable.io Access Key
    secretKey	Requires valid value Default = [empty]	Tenable.io Secret Key
    proxy	Optional Default = [empty]	Proxy Server URL
    verifyCerts	Default = false [Configurable value of true or false]	Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

10. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

11. Key	Value	Description
    batchSize	Default = 1000 (records at a time) [Configurable]	Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data.
    socketLimit	Default = 10 [Configurable value of 1-25]	Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
    maxRetry	Default = 1 [Configurable value of 0-2]	Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
    requestsPerMin	Default = 60 [Configurable value]	A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
    lastRunTimeOffset	Default = -1 [Configurable value]	Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

11. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

12. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

13. The following table describes token values to verify.

    Token	Value
    LastRunTime	(Populated by feed)

    Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

13. Verify that key field values are not missing from the data feed setup window.

14. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field	Target Field
ID	Device Name
Source	Last Updated By
Last_Scan_Time	Last Scan Date Time
Last_Authenticated_Scan_Date	Last Vulnerability Authenticated Scanned Date Time
Serial_Number	Serial Number
Ipv4s	External IPv4 Address
Ipv6s	External IPv6 Address
FQDNS	Domain Name
Mac_Addresses	MAC Address
Netbios_Names	NetBIOS Name
Operating_Systems	Operating System
System_Types	Description
Host_Names	Host Name
Name	Network Name
Operating_System_Technology	Operating System Technologies
Application_Technology	Application Technologies
Hardware_Technology	Hardware Technologies

Set up the Tenable.io Vulnerability Generate 2025.04 data feed

The objective of this data feed is to initiate the Export Vulnerabilities job in Tenable.io using the ‘https://cloud.tenable.com/vulns/export` endpoint. This data feed does not create/update any Archer records. The execution time of the Data Feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Vulnerability 2025.04 data feed.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

1. Go to the Manage Data Feeds page.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

2. In the Manage Data Feeds section, click Import.

3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

4. Click Open.

5. In the General Information section, in the Status field, select Active.

6. In the Additional Properties section, enable Optimize Calculations.

7. Click the Transport tab.

8. In the Transport Configuration section, complete the following:

   1. Click Upload.

   2. From the Upload JavaScript File dialog, click Add New.

   3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

   4. From the Upload JavaScript File dialog, click OK.

9. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

10. Key	Value	Description
    feedType	Requires valid value ‘Vulnerability’ Default = [empty]	‘Vulnerability’ should be provided for Vulnerability’ Generate data feed.
    Objective	Requires valid value ‘Generate’ Default = [empty]	‘Generate’ should be provided for initiating the Vulnerability generation job in Tenable.io
    url	Requires valid value Default = [empty]	Please use the Tenable.io URL: https://cloud.tenable.com
    accessKey	Requires valid value Default = [empty]	Tenable.io Access Key
    secretKey	Requires valid value Default = [empty]	Tenable.io Secret Key
    proxy	Optional Default = [empty]	Proxy Server URL
    verifyCerts	Default = false [Configurable value of true or false]	Validates the website address matches the address on the certificate, similar to browser level validation.
    num_assets	Optional Default = 500	Requires an Integer value 50 to 5000
    include_unlicensed	Optional Values: True/False	Requires a Boolean value
    first_found	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    last_found	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    since	Requires valid value Type: Date Default = [empty] Values: <LastRunTime>	Format- YYYY-MM-DD Please use <LastRunTime> token for incremental loads.
    last_fixed	Optional Type: Date Default = [empty]	Format- YYYY-MM-DD
    cve_category	Optional Type: Array Default = [empty]	Requires String values
    exploit_maturity	Optional Type: Array Default = [empty]	Requires String values
    plugin_family	Optional Type: Array Default = [empty]	Requires String values
    plugin_type	Optional Type: Array Default = [empty]	Requires Integers value
    severity	Optional Type: Array Default = [empty]	Requires String values
    state	Optional Type: Array Default = [empty]	Requires String values
    source	Optional Type: Array Default = [empty]	Requires String values

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

10. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

11. Key	Value	Description
    batchSize	Default = 1000 (records at a time) [Configurable]	Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data.
    socketLimit	Default = 10 [Configurable value of 1-25]	Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
    maxRetry	Default = 1 [Configurable value of 0-2]	Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
    requestsPerMin	Default = 60 [Configurable value]	A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
    lastRunTimeOffset	Default = -1 [Configurable value]	Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

11. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

12. Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.

13. The following table describes token values to verify.

    Token	Value
    LastRunTime	(Populated by feed)

    For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

13. Verify that key field values are not missing from the data feed setup window.

14. Click Save.

Set up the Tenable.io Vulnerability Ingest 2025.04 data feed

The objective of the data feed is to ingest the Tenable vulnerabilities into Vulnerability Scan Results application. The Vulnerability extraction job is initiated by the Tenable.io Vulnerability Generate 2025.04 data feed. This data feed must execute after Tenable.io Vulnerability Generate 2025.04 data feed for latest updates.

Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.

Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.

1. Go to the Manage Data Feeds page.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

2. In the Manage Data Feeds section, click Import.

3. Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.

4. Click Open.

5. In the General Information section, in the Status field, select Active.

6. In the Additional Properties section, enable Optimize Calculations.

7. Click the Transport tab.

8. In the Transport Configuration section, complete the following:

   1. Click Upload.

   2. From the Upload JavaScript File dialog, click Add New.

   3. Locate and select the signed-TenableIO_1.0.2js file and click Open.

   4. From the Upload JavaScript File dialog, click OK.

9. The JavaScript code allows clients to pass in different variables through our Custom Parameters section.  The following table describes the supported values for specific Custom Parameters.

10. Key	Value	Description
    feedType	Requires valid value ‘Vulnerability’ Default = [empty]	‘Vulnerability’ should be provided for ‘Vulnerability Ingest’ data feed.
    Objective	Requires valid value ‘Ingest’ Default = [empty]	‘Ingest’ should be provided for ingesting Vulnerabilities into Vulnerability Scan Results application.
    url	Requires valid value Default = [empty]	Please use the Tenable.io URL: https://cloud.tenable.com
    accessKey	Requires valid value Default = [empty]	Tenable.io Access Key
    secretKey	Requires valid value Default = [empty]	Tenable.io Secret Key
    proxy	Optional Default = [empty]	Proxy Server URL
    verifyCerts	Default = false [Configurable value of true or false]	Validates the website address matches the address on the certificate, similar to browser level validation.

    Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.

10. (Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.

11. Key	Value	Description
    batchSize	Default = 1000 (records at a time) [Configurable]	Used for defining batches of content to be retrieved in a single call.  JavaScript makes incremental calls to pull the next batch of data.
    socketLimit	Default = 10 [Configurable value of 1-25]	Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
    maxRetry	Default = 1 [Configurable value of 0-2]	Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
    requestsPerMin	Default = 60 [Configurable value]	A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
    lastRunTimeOffset	Default = -1 [Configurable value]	Ensures no data loss in the scenarios where calculations with Datetime can be a factor.  Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.

11. For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.

12. Click the Source Definition tab. Click the Tokens sub-tab.

13. Verify token values. The following table describes token values to verify.

14. Token	Value
    LastRunTime	(Populated by feed)

    For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.

13. Verify that key field values are not missing from the data feed setup window.

14. Click Save.

The following are the mappings of the source and target fields in the data feed.

Source Field	Target Field
Archer_Source	Source
Title	Title
DFMKey	DFMKey
Fqdn	FQDN
Hostname	Hostname
Uuid	Host ID Impacted Device/Device Name
Ipv4	IPv4
Ipv6	Ipv6
Mac_Address	MAC Address
Netbios_name	NetBIOS Name
Operating_System	Operating System
Network_Id	Network ID
Output	Results
Bid	Tenable Plugin ID
Description	Tenable Plugin Information
Id	Vulnerability Library Details/ID Vulnerability ID
Modification_Date	Last Date Updated
Score	Priority
CVE	CVE ID
Operating_System_Technology	CPE Operating System Technology
PortNumber	Port Number
Protocal	Protocol
Service	Service
Started_At	Last Device Scan Date
Severity	Severity Tenable Severity Name
Severity_Id	Tenable Severity ID
First_Found	First Found Date
Last_Found	Last Found Date

Using the Tenable.io data feeds

Scheduling data feeds

Important: A data feed must be active and valid to successfully run.

As you schedule your data feed, the Data Feed Manager validates the information. If any information is invalid, an error message display. You can save the data feed and correct the errors later; but the data feed does not process until you make corrections.

All data feeds are set to run daily by default.

1. From the menu bar, click  .

2. Go to the Schedule tab of the data feed that you want to modify.

   1. From the menu bar, click .

   2. Under Integration, click Data Feeds.

   3. Select the data feed.

   4. Click the Schedule tab.

3. Go to the Recurrences section and complete frequency, start and stop times, and time zone.

The following table describes the fields in the Recurrences section.

Field	Description
Frequency	Specifies the interval in which the data feed runs, for example, Minutely, Hourly, Daily, Weekly, Monthly, or Reference. Minutely. Runs the data feed by the interval set. For example, if you specify 45 in Every list, the data feed executes every 45 minutes. Hourly. Runs the data feed by the interval set, for example, every hour (1), every other hour (2) and so forth. Daily. Runs the data feed by the interval set, for example, every day (1), every other day (2) and, so forth. Weekly. Runs the data feed based on a specified day of the week, for example, every Monday of the first week (1), every other Monday (2), and so forth. Monthly. Runs the data feed based on a specified week of the month, for example, 1st, 2nd, 3rd, 4th, or Last. Recurrence. Runs a specified data feed as runs before the current one. This option indicates to the Data Feed Service that this data feed starts as soon as the referenced data feed completes successfully. For example, you can select to have a Threats data feed run immediately after your Assets data feed finishes. From the Reference Feed list, select after which existing data feed the current data feed starts. A reference data feed will not run when immediately running a data feed. The Run Data Feed Now option only runs the current data feed.
Every	Specifies the interval of the frequency in which the data feed runs.
Start Time	Specifies the time the data feed starts running.
Start Date	Specifies the date on which the data feed schedule begins.
Time Zone	Specifies the time zone in of the server that runs the data feed.

4. (Optional) To override the data feed schedule and immediately run your data feed, in the Run Data Feed Now section, click Start.

5. Click Save.

Certification environment

Date Tested: July 2025

Product Name	Version Information	Operating System
Archer	2025.04	Virtual Appliance
Tenable.io	NA	NA