Tenable.io Vulnerability Management
Tenable.io Vulnerability Management is a cloud-based vulnerability management platform built on advanced Nessus Vulnerability Assessment technology by Tenable Network Security. It consolidates and evaluates vulnerability data across your organization, while prioritizing security risks and providing a clear view of your security posture. Built on Nessus technology, Tenable.io discovers unknown assets that can be cataloged as part of your asset inventory.
The integration of Tenable.io with the Archer IT & Security Vulnerabilities Program use case enables customers to leverage the discovered devices and catalog those network devices with the vulnerability library. With Archer, clients can then identify which assets require remediation based on the business priority of that asset.
With the Archer Exchange, the Archer team and our trusted partners have created a broad selection of supplemental, value-added offerings to help you get your unique risk management program on the right path, right from the start. You can leverage the Archer Exchange offerings to expand the use of Archer solutions into new business processes and address specific industry, geographic, regulatory, or technical requirements. The Archer Exchange features a fast and agile development cycle, enabling quick delivery of new and updated offerings for trending issues and connections to innovative technologies.
To learn more, see Tenable.io Vulnerability Management Integration on the Archer Exchange.
On this page
Release history
Last updated |
Published Date |
Summary |
---|---|---|
2025.04 |
July 2025 |
|
2024.11 |
April 2025 |
Initial release available:
|
Overview
The Tenable.io Vulnerability Management integration with Archer enables organizations to do the following:
-
Supplement the Vulnerability Library application with plugin content, which includes extensive CVE coverage.
-
Discover and catalog of assets, including unauthorized assets.
-
Capture network vulnerabilities using scanning technologies.
-
Gain quick visibility to assess risk posture on critical infrastructure devices.
-
Validate vulnerabilities inside Archer once scanners no longer detect vulnerabilities.
-
Identify which vulnerabilities with automated prioritization, that combines vulnerability data, threat intelligence and data science.
Prerequisites (ODA and system requirements)
Components |
Prerequisites |
---|---|
Archer Solution Area(s) |
IT & Security Risk Management |
Archer Use Case(s) |
|
Archer Applications |
|
Uses Custom Objects |
No |
Requires Archer On-Demand Application (ODA) License |
This offering requires zero (0) Archer On-Demand Applications. |
Archer Requirements |
Archer Platform Release 2025.04 and later |
Supported Archer Environments |
Note: This offering is available only to Archer SaaS clients on Archer Platform Release 2025.04 or later, which has the updates to the Archer IT Security Vulnerabilities Program required for this offering. While a prior version was available for on-premises clients in Archer Platform Release 2024.11, the current offering does not support on-premises environments |
Partner/Vendor Requirements |
Valid Tenable.io license is required. Additional fees may apply. |
Related applications
Application |
Use Case |
Primary Purpose(s) of the Relationship |
---|---|---|
Vulnerability Library |
IT Securities Vulnerabilities Program (IT Security & Risk Management) |
|
Vulnerability Scan Results |
IT Securities Vulnerabilities Program (IT Security & Risk Management) |
|
Vulnerability Reference Lists |
IT Securities Vulnerabilities Program (IT Security & Risk Management) |
|
Devices |
IT Asset Catalog |
|
Impacted use case
The following Archer use case is impacted: IT Securities Vulnerabilities Program
Additional resources
The following additional resources are available for this offering:
Architecture diagram
The following diagram shows the relationships between the applications that make up the Tenable.io Vulnerability Management integration.
Security considerations
The information in this publication is provided “as is”. Archer makes no representations or warranties of any kind with respect to the information in this publication and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Client is solely responsible for ensuring that the installation of the application is performed in a secure manner. Archer recommends clients perform a full security evaluation prior to implementation.
Configuring the data feeds
Included data feeds
Tenable.io provides a REST API that allows for the capability to script in interactions directly with the Tenable.io server. With Archer JavaScript Transporter, clients can easily authenticate to the server and make multiple, dependent API calls extracting large amounts of data in a single data feed.
The following data feeds are provided with this integration:
Data Feed |
Description |
---|---|
Tenable.io Plugins 2025.04 |
The Tenable.io Plugins Archer 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract all requested plugin definitions. Tenable.io data is imported and leveraged in the Vulnerability Library application. |
Tenable.io Assets Generate 2025.04 |
The Tenable.io Assets Generate 2025.04 feed is a JavaScript Transporter feed that initiates the Tenable.io Assets Export job through the API requests. Archer offers configurable settings that allow individual clients to define how to uniquely identify devices in their organization. The feed does not insert or update any records in Archer. |
Tenable.io Assets Ingest 2025.04 |
The Tenable.io Assets Ingest 2025.04 feed utilizes API calls to extract all the asset inventory discovered based on a client’s scanner configuration and implementation set in the Tenable.io Assets Generate 2025.04 feed. Tenable.io Assets are imported and leveraged in the Devices application. |
Tenable.io Vulnerability Generate 2025.04 |
The Tenable.io Vulnerability Generate 2025.04 feed is a JavaScript Transporter feed that utilizes API calls to extract the vulnerabilities detected on each asset. For data ingestion, Archer offers configurable settings that allow individual clients to filter vulnerabilities. The feed does not insert/update any records in Archer. |
Tenable.io Vulnerability Ingest 2025.04 |
The Tenable.io Vulnerability Ingest 2025.04 feed utilizes API calls to extract the vulnerabilities detected on each asset based on the configurations set in the Tenable.io Vulnerability Generate 2025.04. Tenable.io vulnerabilities are imported and leveraged in the Vulnerability Scan Results application. |
Important: You must install all package files before importing data feeds. Package files include the IT Security Vulnerabilities Program use case package, the Enterprise Catalog package, and the Issues Management prerequisite use case package. For more information, see the “Installing the Packages” section of the IT Security Vulnerabilities Program use case in the Archer Online Documentation.
Note: The Tenable.io data feeds are dependent on the Tenable.io API response data volume and their execution might take longer than the session timeout set for the Archer Services Parameter account. The data feed might fail due to 'Invalid session token'. In this case, please increase the session timeout of Archer Service Parameter. See the following article in the Archer Community for details https://www.archerirm.community/s/article/Failure-of-Long-Running-Jobs-for-Data-Imports-or-Content-Deletion-in-Archer.
Data feed import sequence
Import and run the data feeds in the following order:
-
(Optional) NVD Data Feeds
Note: For information on setting up the NVD data feeds, see NIST National Vulnerability Database (NVD) Integration.
-
Tenable.io Plugins 2025.04
-
Run both Generate data feeds:
-
Tenable.io Assets Generate 2025.04
-
Tenable.io Vulnerability Generate 2025.04
-
-
Note: The sufficient time gap of ~5 hours has been provided between Tenable.io Assets Generate and Ingest data feeds. If the Assets Generate takes more time than 5 hours to complete due to high volume of Assets data, adjust the time gap between the data feeds accordingly.
-
Tenable.io Assets Ingest 2025.04
-
Tenable.io Vulnerability Ingest 2025.04
Note: After setting up the data feeds, you can schedule the feeds to run when you want to. For more information, see the Scheduling Data Feeds section.
Configure the JavaScript Transporter settings
Complete the following steps for Vulnerability Generate and Ingest data feeds.
Update JavaScript Transporter settings
-
Open the Archer Control Panel.
-
Go to Instance Management > All Instances.
-
Select an instance.
-
On the General tab, go to the JavaScript Transporter section.
-
In the Max Memory Limit field, set the value to 2048 MB (2 GB).
-
In the Script Timeout field, set the value to 120 minutes (2 hours).
-
Require Signature is active by default on install. Signed Certificate Thumbprints are required for all Hosted clients.
-
In the Signing Certificate Thumbprints section, add a thumbprint for each digitally signed JavaScript file.
-
In the Signing Certificate Thumbprints section, double-click an empty cell.
-
Enter the digital thumbprint of the trusted certificate used to sign the JavaScript file.
Note: For more information on how to obtain digital thumbprints, see "Digital Thumbprints" below.
Important: If you enable Require Signature and do not specify thumbprints, JavaScript files will not be accepted by the system.
-
-
-
On the toolbar, click Save.
Digital thumbprints
When running JavaScript data feeds, you can set the system to only allow digitally signed JavaScript files from trusted sources for security considerations.
For a certificate to be trusted, all certificates in the chain, including the Root CA Certificate and Intermediate CA certificates, must be trusted on both the Web Server and Services Server machines.
Archer Technologies Security LLC Certificate in the Trusted Root CA Store
By default, the Archer Technologies Security LLC certificate is not present on every machine’s root.
-
On the JavaScript file, right-click and select Properties.
-
Click the Digital Signatures tab.
-
From the Signature List window, select Archer Technologies Security LLC.
-
Click the Details button.
-
Click View Certificate.
-
Click Install Certificate.
-
Select Local Machine.
-
Click Next.
-
Select Place all certificates in the following store, and click Browse.
-
Select Trusted Root Certification Authorities, and click OK.
-
Click Next.
-
Click Finish.
-
-
-
Upon successful import, click OK.
Obtain a certificate thumbprint
-
On the Web Server and Services Server machines, open the Manage User Certificates program.
-
From the Windows Start menu, launch certmgr. (Manage User Certificates).
-
Navigate to Certificates – Local Computer > Trusted Root Certification Authorities > Certificates.
-
Ensure the following certificates are in the Certificates sub-folder of the Trust Root Certification Authorities folder:
-
Archer Technologies Security LLC.
-
Archer Technologies Security 2048 V3 (Standard certificate).
-
-
-
Verify that the certificate is trusted.
-
Double-click the Archer Technologies Security LLC certificate.
-
In the Certificate window, click the Certification Path tab.
-
Ensure that the Certificate Status window displays the following message: “This certificate is OK.”
Note: If the Certificate Status window displays a different message, follow the onscreen instructions.
-
-
Obtain the trusted certificate thumbprint.
-
In the Certificate window, click the Details tab.
-
Scroll to and select the Thumbprint field.
The certificate's digital thumbprint appears in the window.
-
Copy the thumbprint.
Note: For information on adding digital thumbprints, see Step 7a of "Configuring the JavaScript Transporter Settings" above.
-
Setting up the Tenable.io data feeds
There are five data feeds for Tenable.io integration. The data feeds for Vulnerabilities and Assets have been divided into two sets-
-
Generate: This feed initiates the job execution in Tenable.io. The completion of the Tenable.io job depends on the volume of data.
-
Ingest: This feed ingests the Tenable.io data that was generated based on parameters passed in the Generate phase.
The data feeds ingest Tenable.io data based on the date settings in the Custom parameter that is set to <LastRunTime>.
-
The default setting for the Date parameter is as follows:
-
Tenable.io Plugins 2025.04 Data Feed- last_updated
-
Tenable.io Assets Generate 2025.04 Data Feed-created_at
-
Tenable.io Vulnerability Generate 2025.04 Data Feed- since
-
In addition to the Date settings, parameters are provided to adjust the volume of data loads. These parameters are set at lowest settings; adjust the parameters to higher values for faster execution of data feed.
Note: While increasing the Custom parameters settings to a higher value, also increase the 'Max Memory Limit' settings in the Archer Control Panel accordingly. The minimum value of the 'Max Memory Limit' setting should be set at 2048 MB.
The following parameters can be used to increase/decrease the data volume per API request.
-
Tenable.io Plugins 2025.04 Data Feed- num_assets
-
Tenable.io Assets Generate 2025.04 Data Feed-chunck_size
-
Tenable.io Vulnerability Generate 2025.04 Data Feed- since
The data feeds execute into two phases: Initial Load and Incremental Load.
-
Initial Load. This is the phase when the data feeds are imported and run for the first time. Since the LastRunTime is empty the data feeds will pull Tenable.io API data from 01-01-2000. The data volume is high in this phase; hence it is suggested to increase the Archer Service Parameter session timeout to a higher value. Update the LastRunTime token with a custom date if you need data to be pulled from a different date instead of 01-01-2000.
-
Incremental Phase. After the initial run, the LastRunTime token gets updated with the current date time and subsequent data feeds run only pull the incremental Tenable.io data.
Important: In the event your integration is attempting to extract large amounts data, the execution of the JavaScript code could take multiple hours. In order to avoid a timeout of the session token, the Archer Services Parameter must be extended. Currently the Archer Services account timeout parameter is set by default to 30 minutes. In the event the JavaScript code has not completed in the allotted timeframe, the data feed will fail.
Set up the Tenable.io Plugins 2025.04 data feed
Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.
Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.
-
Go to the Manage Data Feeds page.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
-
In the Manage Data Feeds section, click Import.
-
Locate and select the Tenable.io Plugins 2025.04.dfx5 file.
-
Click Open.
-
In the General Information section, in the Status field, select Active.
-
In the Additional Properties section, enable Optimize Calculations.
-
Click the Transport tab.
-
In the Transport Configuration section, complete the following:
-
Click Upload.
-
From the Upload JavaScript File dialog, click Add New.
-
Locate and select the signed-TenableIO_1.0.2.js file and click Open.
-
From the Upload JavaScript File dialog, click OK.
-
-
The JavaScript code allows you to pass in different variables through the Custom Parameters section. The following table describes the supported values for specific Custom Parameters.
-
Key
Value
Description
feedType
Requires valid value ‘Plugins’
Default = [empty]
‘Plugins’ should be provided for ‘Plugins’ data feed.
url
Requires valid value
Default=[empty]
Valid Tenable.io URL
https://cloud.tenable.com
accessKey
Requires valid value
Default = [empty]
Tenable.io Access Key
secretKey
Requires valid value
Default = [empty]
Tenable.io Secret Key
last_updated
Requires valid value
Default = <LastRunTime>
The last updated date to filter on in the YYYY-MM-DD format. Tenable.io Vulnerability Management returns only the plugins that have been updated after the specified date.
size
Requires valid value
Default = 5000
The number of records to include in the result set. Default is 1,000. The maximum size is 10,000.
proxy
Optional
Default = [empty]
Proxy server URL
verifyCerts
Default = false
[Configurable value of true / false]
Validates the website address matches the address on the certificate, similar to browser level validation.
Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.
-
The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.
-
Key
Value
Description
batchSize
Default = 1000 (records at a time)
[Configurable]
Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
socketLimit
Default = 10
[Configurable value of 1-25]
Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
maxRetry
Default = 1
[Configurable value of 0-2]
Indicates the number of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
requestsPerMin
Default = 60
[Configurable value]
A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
lastRunTimeOffset
Default = -1
[Configurable value]
Ensures no data loss in the scenarios where calculations with Datetime can be a factor.
-
For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.
-
Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.
-
The following table describes token values to verify.
Token
Value
LastRunTime
(Populated by feed)
Note: For more information about tokens, see "Data Feed Tokens" in the Archer Online Documentation.
-
Verify that key field values are not missing from the data feed setup window.
-
Click Save.
The following are the mappings of the source and target fields in the data feed.
Source Field |
Target Field |
---|---|
DFMKey |
DFMKey |
Source |
Source |
ID |
ID |
Name |
Title |
Plugin_Type |
Tenable Check Type |
Synopsis |
Abstract |
Description |
Description |
Solution |
Solution |
See_Also |
Tenable see Also |
Plugin_Publication_Date |
Tenable Plug In Published Date |
Vuln_Publication_Date |
TenableVulnerability Published Date |
Patch_Publication_Date |
Tenable Patch Publish Date |
Exploitability_Ease |
Tenable Exploit Ease |
Exploit_Available |
Tenable Exploit Available |
Risk_Factor |
Tenable Risk Factor |
CPE |
Tenable CPE Full Configuration Name |
Plugin_Modification_Date |
Tenable Plug In Modified Date |
Plugin_Version |
Version |
Required_Ports |
Tenable Required Ports |
Required_UDP_Ports |
Tenable Required UDP Ports |
Dependencies |
Tenable Dependencies |
AccessVector |
Tenable CVSS v2 Vector |
Cvss_Temporal_Score |
CVSS v2 Temporal Score |
Cvss_Base_Score |
CVSS v2 Base Score |
AccessVector |
Tenable CVSS v3 Vector |
Cvss3_Temporal_Score |
CVSS v3 Temporal Score |
Cvss3_Base_Score |
CVSS v3 Base Score |
Score |
Tenable vprScore |
TYPE |
Vulnerability Reference Lists/Type |
url |
Vulnerability Reference Lists/url |
Attack_Vector |
Tenable CVSS v2 Access Vector |
Attack_Complexitiy |
Tenable CVSS v2 Access Complexity |
Authentication |
Tenable CVSS v2 Authentication |
Confidentiality |
Tenable CVSS v2 Impact Confidentiality |
Integrity |
Tenable CVSS v2 Impact Integrity |
Availability |
Tenable CVSS v2 Impact Availability |
Exploitability |
Tenable CVSS v2 Exploitability |
Remediation_Level |
Tenable CVSS v2 Remediation Level |
Report_Confidence |
Tenable CVSS v2 Report Confidence |
Attack_Vector |
Tenable CVSS v3 Attack Vector |
Attack_Complexitiy |
Tenable CVSS v3 Attack Complexity |
Privileges |
Tenable CVSS v3 Privileges Required |
User_Interaction |
Tenable CVSS v3 User Interaction |
Scope |
Tenable CVSS v3 Scope |
Confidentiality_Impact |
Tenable CVSS v3 Confidentiality Impact |
Integrity_Impact |
Tenable CVSS v3 Integrity Impact |
Availability_Impact |
Tenable CVSS v3 Availability Impact |
Exploitability |
Tenable CVSS v3 Exploit Code Maturity |
Remediation_Level |
Tenable CVSS v3 Remediation Level |
Report_Confidence |
Tenable CVSS v3 Report Confidence |
Operating_System_Technology |
CPE Operating System Technologies |
Application_Technology |
CPE Application Technologies |
Hardware_Technology |
CPE Hardware Technologies |
Family_Id |
Tenable Family ID |
Family_Name |
Tenable Family Name |
Set up the Tenable.io Assets Generate 2025.04 data feed
The objective of this data feed is to initiate the Export Assets job in Tenable.io using the ‘https://cloud.tenable.com/assets/export’ endpoint. This data feed does not create/update any Archer records. The execution time of the data feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Ingest 2025.04 data feed.
Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.
Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.
-
Go to the Manage Data Feeds page.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
-
In the Manage Data Feeds section, click Import.
-
Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.
-
Click Open.
-
In the General Information section, in the Status field, select Active.
-
In the Additional Properties section, enable Optimize Calculations.
-
Click the Transport tab.
-
In the Transport Configuration section, complete the following:
-
Click Upload.
-
From the Upload JavaScript File dialog, click Add New.
-
Locate and select the signed-TenableIO_1.0.2.js file and click Open.
-
From the Upload JavaScript File dialog, click OK.
-
-
The JavaScript code allows you to pass in different variables through the Custom Parameters section. The following table describes the supported values for specific Custom Parameters.
-
Key
Value
Description
feedType
Requires valid value ‘Assets
Default = [empty]
‘Assets’ should be provided for ‘Assets Generate’ data feed.
Objective
Requires valid value ‘Generate’
Default = [empty]
‘Generate’ should be provided for initiating the Assets generation job in Tenable.io
url
Requires valid value
Default = [empty]
Please use the Tenable.io URL:
https://cloud.tenable.com
accessKey
Requires valid value
Default = [empty]
Tenable.io Access Key
secretKey
Requires valid value
Default = [empty]
Tenable.io Secret Key
proxy
Optional
Default = [empty]
Proxy Server URL
verifyCerts
Default = false
[Configurable value of true or false]
Validates the website address matches the address on the certificate, similar to browser level validation.
chunk_size
Optional
Default = ‘1000’
Requires an Integer value
Valid Values: 100 to 10000
include_open_ports
Optional
Values: True/False
Requires a Boolean value
created_at
Requires valid value
Type: Date
Default = [empty]
Values: <LastRunTime>
Format- YYYY-MM-DD
Use <LastRunTime> token for incremental loads.
first_scan_time
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
last_authenticated_scan_time
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
last_assessed
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
sources
Optional
Values: Array of Plugins
Values should be in Array
e.g. [102897, 102898]
updated_at
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.
-
(Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.
-
Key
Value
Description
batchSize
Default = 1000 (records at a time)
[Configurable]
Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
socketLimit
Default = 10
[Configurable value of 1-25]
Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
maxRetry
Default = 1
[Configurable value of 0-2]
Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
requestsPerMin
Default = 60
[Configurable value]
A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
lastRunTimeOffset
Default = -1
[Configurable value]
Ensures no data loss in the scenarios where calculations with Datetime can be a factor. Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.
-
For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.
-
Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.
-
The following table describes token values to verify.
Token
Value
LastRunTime
(Populated by feed)
Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.
-
Verify that key field values are not missing from the data feed setup window.
-
Click Save.
Set up the Tenable.io Assets Ingest 2025.04 data feed
The objective of the data feed is to ingest the Tenable assets into Devices application. The Assets extraction job is initiated by the Tenable.io Assets Generate 2025.04 data feed. This data feed must execute after Tenable.io Assets Generate 2025.04 data feed for latest updates.
Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.
Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.
-
Go to the Manage Data Feeds page.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
-
In the Manage Data Feeds section, click Import.
-
Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.
-
Click Open.
-
In the General Information section, in the Status field, select Active.
-
In the Additional Properties section, enable Optimize Calculations.
-
Click the Transport tab.
-
In the Transport Configuration section, complete the following:
-
Click Upload.
-
From the Upload JavaScript File dialog, click Add New.
-
Locate and select the signed-TenableIO_1.0.2js file and click Open.
-
From the Upload JavaScript File dialog, click OK.
-
-
The JavaScript code allows clients to pass in different variables through our Custom Parameters section. The following table describes the supported values for specific Custom Parameters.
-
Key
Value
Description
feedType
Requires valid value ‘Assets
Default = [empty]
‘Assets’ should be provided for Assets Ingest data feed.
Objective
Requires valid value ‘Ingest’
Default = [empty]
‘Ingest’ should be provided for ingesting Assets into Device application
url
Requires valid value
Default = [empty]
Please use the Tenable.io URL:
https://cloud.tenable.com
accessKey
Requires valid value
Default = [empty]
Tenable.io Access Key
secretKey
Requires valid value
Default = [empty]
Tenable.io Secret Key
proxy
Optional
Default = [empty]
Proxy Server URL
verifyCerts
Default = false
[Configurable value of true or false]
Validates the website address matches the address on the certificate, similar to browser level validation.
Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.
-
(Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.
-
Key
Value
Description
batchSize
Default = 1000 (records at a time)
[Configurable]
Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
socketLimit
Default = 10
[Configurable value of 1-25]
Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
maxRetry
Default = 1
[Configurable value of 0-2]
Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
requestsPerMin
Default = 60
[Configurable value]
A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
lastRunTimeOffset
Default = -1
[Configurable value]
Ensures no data loss in the scenarios where calculations with Datetime can be a factor. Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.
-
For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.
-
Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.
-
The following table describes token values to verify.
Token
Value
LastRunTime
(Populated by feed)
Note: For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.
-
Verify that key field values are not missing from the data feed setup window.
-
Click Save.
The following are the mappings of the source and target fields in the data feed.
Source Field |
Target Field |
---|---|
ID |
Device Name |
Source |
Last Updated By |
Last_Scan_Time |
Last Scan Date Time |
Last_Authenticated_Scan_Date |
Last Vulnerability Authenticated Scanned Date Time |
Serial_Number |
Serial Number |
Ipv4s |
External IPv4 Address |
Ipv6s |
External IPv6 Address |
FQDNS |
Domain Name |
Mac_Addresses |
MAC Address |
Netbios_Names |
NetBIOS Name |
Operating_Systems |
Operating System |
System_Types |
Description |
Host_Names |
Host Name |
Name |
Network Name |
Operating_System_Technology |
Operating System Technologies |
Application_Technology |
Application Technologies |
Hardware_Technology |
Hardware Technologies |
Set up the Tenable.io Vulnerability Generate 2025.04 data feed
The objective of this data feed is to initiate the Export Vulnerabilities job in Tenable.io using the ‘https://cloud.tenable.com/vulns/export` endpoint. This data feed does not create/update any Archer records. The execution time of the Data Feed depends on the volume of Tenable data. The ingestion of the assets will be done by the Tenable.io Assets Vulnerability 2025.04 data feed.
Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.
Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.
-
Go to the Manage Data Feeds page.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
-
In the Manage Data Feeds section, click Import.
-
Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.
-
Click Open.
-
In the General Information section, in the Status field, select Active.
-
In the Additional Properties section, enable Optimize Calculations.
-
Click the Transport tab.
-
In the Transport Configuration section, complete the following:
-
Click Upload.
-
From the Upload JavaScript File dialog, click Add New.
-
Locate and select the signed-TenableIO_1.0.2js file and click Open.
-
From the Upload JavaScript File dialog, click OK.
-
-
The JavaScript code allows clients to pass in different variables through our Custom Parameters section. The following table describes the supported values for specific Custom Parameters.
-
Key
Value
Description
feedType
Requires valid value ‘Vulnerability’
Default = [empty]
‘Vulnerability’ should be provided for Vulnerability’ Generate data feed.
Objective
Requires valid value ‘Generate’
Default = [empty]
‘Generate’ should be provided for initiating the Vulnerability generation job in Tenable.io
url
Requires valid value
Default = [empty]
Please use the Tenable.io URL:
https://cloud.tenable.com
accessKey
Requires valid value
Default = [empty]
Tenable.io Access Key
secretKey
Requires valid value
Default = [empty]
Tenable.io Secret Key
proxy
Optional
Default = [empty]
Proxy Server URL
verifyCerts
Default = false
[Configurable value of true or false]
Validates the website address matches the address on the certificate, similar to browser level validation.
num_assets
Optional
Default = 500
Requires an Integer value
50 to 5000
include_unlicensed
Optional
Values: True/False
Requires a Boolean value
first_found
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
last_found
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
since
Requires valid value
Type: Date
Default = [empty]
Values: <LastRunTime>
Format- YYYY-MM-DD
Please use <LastRunTime> token for incremental loads.
last_fixed
Optional
Type: Date
Default = [empty]
Format- YYYY-MM-DD
cve_category
Optional
Type: Array
Default = [empty]
Requires String values
exploit_maturity
Optional
Type: Array
Default = [empty]
Requires String values
plugin_family
Optional
Type: Array
Default = [empty]
Requires String values
plugin_type
Optional
Type: Array
Default = [empty]
Requires Integers value
severity
Optional
Type: Array
Default = [empty]
Requires String values
state
Optional
Type: Array
Default = [empty]
Requires String values
source
Optional
Type: Array
Default = [empty]
Requires String values
Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.
-
(Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.
-
Key
Value
Description
batchSize
Default = 1000 (records at a time)
[Configurable]
Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
socketLimit
Default = 10
[Configurable value of 1-25]
Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
maxRetry
Default = 1
[Configurable value of 0-2]
Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
requestsPerMin
Default = 60
[Configurable value]
A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
lastRunTimeOffset
Default = -1
[Configurable value]
Ensures no data loss in the scenarios where calculations with Datetime can be a factor. Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.
-
For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.
-
Click the Source Definition tab. Click the Tokens sub-tab. Verify token values.
-
The following table describes token values to verify.
Token
Value
LastRunTime
(Populated by feed)
For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.
-
Verify that key field values are not missing from the data feed setup window.
-
Click Save.
Set up the Tenable.io Vulnerability Ingest 2025.04 data feed
The objective of the data feed is to ingest the Tenable vulnerabilities into Vulnerability Scan Results application. The Vulnerability extraction job is initiated by the Tenable.io Vulnerability Generate 2025.04 data feed. This data feed must execute after Tenable.io Vulnerability Generate 2025.04 data feed for latest updates.
Important: Before you upload a JavaScript file, configure JavaScript Transporter settings in the Archer Control Panel. For more information, see Configure the JavaScript Transporter Settings.
Important: With the exception of the optional parameters specified in this procedure, changes to the JavaScript Transporter configuration file can only be achieved in a hosted environment with a Professional Services engagement. For more information, contact your account representative.
-
Go to the Manage Data Feeds page.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
-
In the Manage Data Feeds section, click Import.
-
Locate and select the Tenable.io Assets Generate 2025.04.dfx5 file for the data feed.
-
Click Open.
-
In the General Information section, in the Status field, select Active.
-
In the Additional Properties section, enable Optimize Calculations.
-
Click the Transport tab.
-
In the Transport Configuration section, complete the following:
-
Click Upload.
-
From the Upload JavaScript File dialog, click Add New.
-
Locate and select the signed-TenableIO_1.0.2js file and click Open.
-
From the Upload JavaScript File dialog, click OK.
-
-
The JavaScript code allows clients to pass in different variables through our Custom Parameters section. The following table describes the supported values for specific Custom Parameters.
-
Key
Value
Description
feedType
Requires valid value ‘Vulnerability’
Default = [empty]
‘Vulnerability’ should be provided for ‘Vulnerability Ingest’ data feed.
Objective
Requires valid value ‘Ingest’
Default = [empty]
‘Ingest’ should be provided for ingesting Vulnerabilities into Vulnerability Scan Results application.
url
Requires valid value
Default = [empty]
Please use the Tenable.io URL:
https://cloud.tenable.com
accessKey
Requires valid value
Default = [empty]
Tenable.io Access Key
secretKey
Requires valid value
Default = [empty]
Tenable.io Secret Key
proxy
Optional
Default = [empty]
Proxy Server URL
verifyCerts
Default = false
[Configurable value of true or false]
Validates the website address matches the address on the certificate, similar to browser level validation.
Important: The keys and values are case-sensitive and cannot include extra spaces at the end of the strings. The listed values are in place by default but can be configured to suit your environment.
-
(Optional) The following additional parameters are valid options for the Custom Parameters section for the current JavaScript file.
-
Key
Value
Description
batchSize
Default = 1000 (records at a time)
[Configurable]
Used for defining batches of content to be retrieved in a single call. JavaScript makes incremental calls to pull the next batch of data.
socketLimit
Default = 10
[Configurable value of 1-25]
Indicates the maximum number of open socket channels to an endpoint to be used for TCP connections.
maxRetry
Default = 1
[Configurable value of 0-2]
Indicates the amount of times a retry will occur where a "socket hung up" error is encountered. If a retry is unsuccessful and the maxRetry is exceeded, the data feed will fail.
requestsPerMin
Default = 60
[Configurable value]
A parameter to allow clients to govern the number of API requests made by Archer to the external integration.
lastRunTimeOffset
Default = -1
[Configurable value]
Ensures no data loss in the scenarios where calculations with Datetime can be a factor. Example: if startDate = 2020-06-03, the code will calculate the number of days ago by using 2020-06-02.
-
For each key type, determine whether you want it to be Protected or Plain Text. Selecting Protected encrypts the key value for the specified key in the log.
-
Click the Source Definition tab. Click the Tokens sub-tab.
-
Verify token values. The following table describes token values to verify.
-
Token
Value
LastRunTime
(Populated by feed)
For more information about tokens, see "Data Feed Tokens" in the Archer Platform Help.
-
Verify that key field values are not missing from the data feed setup window.
-
Click Save.
The following are the mappings of the source and target fields in the data feed.
Source Field |
Target Field |
---|---|
Archer_Source |
Source |
Title |
Title |
DFMKey |
DFMKey |
Fqdn |
FQDN |
Hostname |
Hostname |
Uuid |
Host ID |
Ipv4 |
IPv4 |
Ipv6 |
Ipv6 |
Mac_Address |
MAC Address |
Netbios_name |
NetBIOS Name |
Operating_System |
Operating System |
Network_Id |
Network ID |
Output |
Results |
Bid |
Tenable Plugin ID |
Description |
Tenable Plugin Information |
Id |
Vulnerability Library Details/ID |
Modification_Date |
Last Date Updated |
Score |
Priority |
CVE |
CVE ID |
Operating_System_Technology |
CPE Operating System Technology |
PortNumber |
Port Number |
Protocal |
Protocol |
Service |
Service |
Started_At |
Last Device Scan Date |
Severity |
Severity |
Severity_Id |
Tenable Severity ID |
First_Found |
First Found Date |
Last_Found |
Last Found Date |
Using the Tenable.io data feeds
Scheduling data feeds
Important: A data feed must be active and valid to successfully run.
As you schedule your data feed, the Data Feed Manager validates the information. If any information is invalid, an error message display. You can save the data feed and correct the errors later; but the data feed does not process until you make corrections.
All data feeds are set to run daily by default.
-
From the menu bar, click
.
-
Go to the Schedule tab of the data feed that you want to modify.
-
From the menu bar, click
.
-
Under Integration, click Data Feeds.
-
Select the data feed.
-
Click the Schedule tab.
-
-
Go to the Recurrences section and complete frequency, start and stop times, and time zone.
The following table describes the fields in the Recurrences section.
Field |
Description |
---|---|
Frequency |
Specifies the interval in which the data feed runs, for example, Minutely, Hourly, Daily, Weekly, Monthly, or Reference.
For example, if you specify 45 in Every list, the data feed executes every 45 minutes.
A reference data feed will not run when immediately running a data feed. The Run Data Feed Now option only runs the current data feed. |
Every |
Specifies the interval of the frequency in which the data feed runs. |
Start Time |
Specifies the time the data feed starts running. |
Start Date |
Specifies the date on which the data feed schedule begins. |
Time Zone |
Specifies the time zone in of the server that runs the data feed. |
-
(Optional) To override the data feed schedule and immediately run your data feed, in the Run Data Feed Now section, click Start.
-
Click Save.
Certification environment
Date Tested: July 2025
Product Name |
Version Information |
Operating System |
---|---|---|
Archer |
2025.04 |
Virtual Appliance |
Tenable.io |
NA |
NA |