Guide

Importing a Tenable Nessus Scan End to End

2 min read

Get the document

Tell us where to send it. The PDF lands in your inbox in under a minute.

About

About this guide

Move from a credentialed connection to a deduplicated, governed finding queue, covering connect, threshold, list, import, correlate, and read the delta.

This guide takes a Tenable or Nessus scan from connection to a governed finding queue in PMAP. You create a scanner connection whose credentials are encrypted at rest, verify it with an inline connection test, and configure the import severity threshold so low-signal results never reach your queue. You also learn the connector model and the scan lifecycle behind the import pipeline.

Importing a Tenable Nessus Scan End to End
The integration connect form: a vendor-driven ConfigPanel with base URL, auth fields, name, and an inline test button before save.

It is written for vulnerability managers standardizing how scanner data enters PMAP. By the end you can list the importable vendor scans and read their adoption status, run the import into a chosen company and project under live status sync, confirm correlation deduplicated on import through the four-case fingerprint pipeline, read the new versus regression versus total delta with refreshed coverage counts, and make the import recurring with a per-integration cron schedule.

Inside this guide

  • Understand the connector model and the scan lifecycle behind the import pipeline.
  • Create the connection with credentials encrypted at rest and test it before you trust it.
  • Configure the import severity threshold so low-signal results never reach the queue.
  • List importable scans, read adoption status, and run the import into a company and project.
  • Watch the scan reach completed under live status sync.
  • Confirm deduplication happened on fingerprint, then read the finding delta and coverage.
  • Schedule recurring imports and backfill historical scans where needed.

Before you start

  • A PMAP account that can create and edit integrations and import scans into your target company and project.
  • Reachable Tenable.io, Tenable.sc, or Nessus credentials for a service account that can list and read completed scans.
  • At least one completed scan on the vendor side, so the importable-scan picker has something to offer.
  • Agreement with your vulnerability manager on the minimum severity worth tracking, which becomes the import_severity_threshold.
  • An active target company, since scan creation is blocked when the target company is deactivated (company.ErrCompanyInactive).

All resources

Keep exploring

Related resources

See it live

Ready to see PMAP in action?

Talk to our team or jump straight into a guided tour of the platform.

We use your email only to set up your guided tour. No marketing drip, no third-party tracking.