Tenable Security Center

Note

Please refer to the common themes section for TenableSC for details on how these methods are written from an overall concept. Not all attributes are explicitly documented, only the ones that pyTenable is augmenting, validating, or modifying. For a complete listing of the attributes that can be passed to most APIs, refer to the official API documentation that each method calls, which is conveniently linked in each method’s docs.

class TenableSC(host: Optional[str] = None, access_key: Optional[str] = None, secret_key: Optional[str] = None, **kwargs)[source]

TenableSC API Wrapper The Tenable Security Center object is the primary interaction point for users to interface with Tenable Security Center via the pyTenable library. All of the API endpoint classes that have been written will be grafted onto this class.

Parameters
  • host (str) – The address of the Tenable Security Center instance to connect to. (NOTE: The hos`t parameter will be deprecated in favor of the `url parameter in future releases).

  • access_key (str, optional) – The API access key to use for sessionless authentication.

  • adapter (requests.Adaptor, optional) – If a requests session adaptor is needed to ensure connectivity to the Tenable Security Center host, one can be provided here.

  • backoff (float, optional) – If a 429 response is returned, how much do we want to backoff if the response didn’t send a Retry-After header. The default backoff is 1 second.

  • cert (tuple, optional) – The client-side SSL certificate to use for authentication. This format could be either a tuple or a string pointing to the certificate. For more details, please refer to the Requests Client-Side Certificates documentation.

  • password (str, optional) – The password to use for session authentication.

  • port (int, optional) – The port number to connect to on the specified host. The default is port 443. (NOTE: The port parameter will be deprecated in favor of the unified url parameter in future releases).

  • retries (int, optional) – The number of retries to make before failing a request. The default is 5.

  • scheme (str, optional) – What HTTP scheme should be used for URI path construction. The default is https. (NOTE: The scheme parameter will be deprecated in favor of the unified url parameter in future releases).

  • secret_key (str, optional) – The API secret key to use for sessionless authentication.

  • session (requests.Session, optional) – If a requests Session is provided, the provided session will be used instead of constructing one during initialization.

  • ssl_verify (bool, optional) – Should the SSL certificate on the Tenable Security Center instance be verified? Default is False.

  • username (str, optional) – The username to use for session authentication.

  • timeout (int, optional) – The connection timeout parameter informing the library how long to wait in seconds for a stalled response before terminating the connection. If unspecified, the default is 300 seconds.

Examples

A direct connection to Tenable Security Center:

>>> from tenable.sc import TenableSC
>>> sc = TenableSC('sc.company.tld')

A connection to Tenable Security Center using SSL certificates:

>>> sc = TenableSC('sc.company.tld',
...     cert=('/path/client.cert', '/path/client.key'))

Using an adaptor to use a passworded certificate (via the immensely useful requests_pkcs12 adaptor):

>>> from requests_pkcs12 import Pkcs12Adapter
>>> adapter = Pkcs12Adapter(
...     pkcs12_filename='certificate.p12',
...     pkcs12_password='omgwtfbbq!')
>>> sc = TenableSC('sc.company.tld', adapter=adapter)

Using API Keys to communicate to Tenable Security Center:

>>> sc = TenableSC('sc.company.tld',
...     access_key='key',
...     secret_key='key'
... )

Using context management to handle

For more information, please See Tenable’s SC API documentation and the SC API Best Practices Guide.

property accept_risks

The interface object for the Tenable Security Center Accept Risks APIs.

property alerts

The interface object for the Tenable Security Center Alerts APIs.

property analysis

The interface object for the Tenable Security Center Analysis APIs.

property asset_lists

The interface object for the Tenable Security Center Asset Lists APIs.

property audit_files

The interface object for the Tenable Security Center Audit Files APIs.

property credentials

The interface object for the Tenable Security Center Credentials APIs.

property current

The interface object for the Tenable Security Center Current Session APIs.

property feeds

The interface object for the Tenable Security Center Feeds APIs.

property files

The interface object for the Tenable Security Center Files APIs.

property groups

The interface object for the Tenable Security Center Groups APIs.

login(username=None, password=None, access_key=None, secret_key=None)[source]

Logs the user into Tenable Security Center

Parameters
  • username (str, optional) – Username

  • password (str, optional) – Password

  • access_key (str, optional) – API Access Key

  • secret_key (str, optional) – API Secret Key

Returns

None

Examples

Using a username && password:

>>> sc = TenableSC('127.0.0.1', port=8443)
>>> sc.login('username', 'password')

Using API Keys:

>>> sc = TenableSC('127.0.0.1', port=8443)
>>> sc.login(access_key='ACCESSKEY', secret_key='SECRETKEY')
logout()[source]

Logs out of Tenable Security Center and resets the session.

Examples

>>> sc.logout()
property organizations

The interface object for the Tenable Security Center Organization APIs.

property plugins

The interface object for the Tenable Security Center Plugins APIs.

property policies

The interface object for the Tenable Security Center Policies APIs.

property queries

The interface object for the Tenable Security Center Queries APIs.

property recast_risks

The interface object for the Tenable Security Center Recast Risks APIs.

property repositories

The interface object for the Tenable Security Center Repositories APIs.

property roles

The interface object for the Tenable Security Center Roles APIs.

property scan_instances

The interface object for the Tenable Security Center Scan Instances APIs.

property scan_zones

The interface object for the Tenable Security Center Scan Zones APIs.

property scanners

The interface object for the Tenable Security Center Scanners APIs.

property scans

The interface object for the Tenable Security Center Scans APIs.

property status

The interface object for the Tenable Security Center Status APIs.

property system

The interface object for the Tenable Security Center System APIs.

property users

The interface object for the Tenable Security Center Users APIs.