How to Integrate Tenable Nessus with Cynomi
This guide explains how to integrate Tenable Nessus with the Cynomi platform. It covers prerequisites, how to generate an API key in Tenable Nessus, and how to input the credentials in Cynomi for seamless scan data ingestion.
Prerequisites
Before beginning the integration, ensure the following:
-
Tenable Nessus is installed on an accessible host.
-
The API is enabled (
Settings → Advanced → User Interface→ “Disable API” must be set to “No”). -
Nessus API runs on TCP port
8834by default. -
You have valid user credentials, preferably from a dedicated integration account.
-
At least one Advanced scan must be completed under that account
Step 1: Generate an API Key in Tenable Nessus
-
Log in to your Nessus instance.
-
Click on Settings from the top navigation bar.
-
Select My Account from the left-hand menu.
-
Go to the API Keys tab and click Generate.
-
Confirm the generation by clicking Generate again in the dialog box.
-
Copy the Access Key and Secret Key securely. These cannot be retrieved after you leave the page
Step 2: Configure Tenable Nessus Integration in Cynomi
-
Open the Cynomi platform and navigate to your client’s sub-account.
-
Go to Scans → Integrations.
-
Select Tenable Nessus as the integration source.
-
Enter the following details:
-
Profile Name: A name of your choosing for this integration.
-
Host URL: The URL of your Nessus instance.
-
Access Key and Secret Key: Use the credentials you just generated.
-
Scan Folder Name (Optional): Defaults to
My Scansif not specified.
-
-
Click Save to complete the setup
Tips
-
Ensure firewall rules allow access to port 8834.
-
It’s recommended to use a dedicated user for this integration to maintain separation of duties and audit clarity.
-
Refresh API keys periodically to maintain security.