Policies

The following methods allow for interaction into the Tenable Vulnerability Management policies API.

Methods available on tio.policies:

class PoliciesAPI(api: APISession)[source]
configure(id, policy)[source]

Configures an existing policy.

policies: configure

Parameters:
  • id (int) – The policy unique identifier.

  • policy (dict) – The updated policy definition to push into Tenable Vulnerability Management. As these policies can be quite complex, please refer to the documentation in the policies: configure page (linked above).

Returns:

Policy successfully modified.

Return type:

None

Examples

>>> policy = tio.policies.details(1)
>>> policy['settings']['name'] = 'Updated Policy Name'
>>> tio.policies.configure(policy)
copy(id)[source]

Duplicates a scan policy and returns the copy.

policies: copy

Parameters:

id (int) – The unique identifier of the policy you wish to copy.

Returns:

A dictionary containing the name and id of the policy copy.

Return type:

dict

Example

>>> policy = tio.policies.copy(1)
create(policy)[source]

Creates a new scan policy based on the policy dictionary passed.

policies: configure

Parameters:

policy (dict) – The policy definition to push into Tenable Vulnerability Management. As these policies can be quite complex, please refer to the documentation in the policies: configure page (linked above).

Returns:

A dictionary containing the name and id of the new policy.

Return type:

dict

Examples

>>> policy = tio.policies.template_details('basic')
>>> policy['settings']['name'] = 'New Scan Policy'
>>> info = tio.policies.create(policy)
delete(id)[source]

Delete a custom policy.

policies: delete

Parameters:

id (int) – The unique identifier of the policy to delete.

Returns:

The policy was successfully deleted.

Return type:

None

Examples

>>> tio.policies.delete(1)
details(id)[source]

Retrieve the details for a specific policy.

policies: details

Parameters:

id (int) – The unique identifier of the policy.

Returns:

The dictionary definition of the policy.

Return type:

dict

Examples

>>> policy = tio.policies.details(1)
list()[source]

List the available custom policies.

policies: list

Returns:

List of policy resource documents.

Return type:

list

Examples

>>> for policy in tio.policies.list():
...     pprint(policy)
policy_export(id, fobj=None)[source]

Exports a specified policy from Tenable Vulnerability Management.

policies: export

Parameters:
  • id (int) – The unique identifier of the policy to export.

  • fobj (FileObject, optional) – A file-like object to write the contents of the policy to. If none is provided a BytesIO object will be returned with the policy.

Returns:

A file-like object containing the contents of the policy in XML format.

Return type:

FileObject

Examples

>>> with open('example.nessus', 'wb') as policy:
...     tio.policies.policy_export(1, policy)
policy_import(fobj)[source]

Imports a policy into Tenable Vulnerability Management.

policies: import

Parameters:

fobj (FileObject) – The file object of the scan policy you wish to import.

Returns:

The dictionary of the imported policy.

Return type:

dict

Examples

>>> with open('example.nessus') as policy:
...     tio.policies.policy_import(policy)
template_details(name)[source]

Calls the editor API and parses the policy template config to return a document that closely matches what the API expects to be POSTed or PUTed via the policy create and configure methods. The compliance audits and credentials are populated into the ‘current’ sub-document for the relevant resources.

Parameters:

name (str) – The name of the scan template.

Returns:

The policy configuration resource.

Return type:

dict

Examples

>>> template = tio.policies.template_details('basic')
>>> pprint(template)

Please note that template_details is reverse-engineered from the responses from the editor API and isn’t guaranteed to work.

templates()[source]

returns a dictionary of the scan policy templates using the format of dict[‘name’] = ‘UUID’. This is useful for being able to define scan policy templates w/o having to remember the UUID for each individual one.