Organizations¶

The following methods allow for interaction with the Tenable Security Center Organization API. These items are typically seen under the Organization section of Tenable Security Center.

Methods available on sc.organizations:

class OrganizationAPI(api: restfly.session.APISession)[source]¶

accept_risk_rules(organization_id, repos=None, plugin=None, port=None)[source]¶

Retrieves the accepted risk rules for the organization and optionally will filter based on the parameters specified.

organization: accept-risk-rule

Parameters

organization_id (int) – The organization id.
repos (list, optional) – A list of repository ids to restrict the search to.
plugin (int, optional) – A plugin id to restrict the search to.
port (int, optional) – A port number to restrict the search to.

Returns

A list of rules that match the request.

Return type

list

Examples

>>> for rule in sc.organizations.accept_risk_rules(1):
...     pprint(rule)

create(name, **kwargs)[source]¶

Create a new organization

SC Organization Create

Parameters

name (str) – The name for organization.
info_links (list, optional) – A list of custom analysis links provided to users within the host vulnerability details when analyzing data outside of SecurityCenter is desired. Links shall be described in a tuple format with (name, link) format. For example: ('SANS', 'https://isc.sans.edu/ipinfo.html?ip=%IP%')
lce_ids (list, optional) – What Log Correlation Engines (if any) should this organization be allowed to access? If left unspecified no LCE engined will be granted to this organization.
ldap_ids (list, optional) – What ldap server configuration ids should be used with this organization?
nessus_managers (list, optional) – Nessus Manager scanner for Nessus Agent scan imports.
pub_sites (list, optional) – A list of publishing site ids to associate this organization.
repos (list, optional) – A list of Repository ids to associate to this organization.
restricted_ips (list, optional) – A list of IP addresses, CIDRs, and/or IP ranges that should never be scanned.
vuln_score_low (int) – The vulnerability weighting to apply to low criticality vulnerabilities for scoring purposes. (Default: 1)
vuln_score_medium (int) – The vulnerability weighting to apply to medium criticality vulnerabilities for scoring purposes. (Default: 3)
vuln_score_high (int) – The vulnerability weighting to apply to high criticality vulnerabilities for scoring purposes. (Default: 10)
vuln_score_critical (int) – The vulnerability weighting to apply to critical criticality vulnerabilities for scoring purposes.(Default: 40)
zone_selection (str) – What type of scan zone selection should be performed? Available selection types are as follows: auto_only, locked, selectable+auto, selectable+auto_restricted. If left unspecified, the default is auto_only.
zones (list, optional) – When zone_selection is not auto_only, this field must be filled with list of ids from available scan zone(s).

Returns

The organization resource record for the newly created Org.

Return type

dict

Examples

Creating a new organization with automatic scan zone selection:

>>> org = sc.organization.create('Sample Organization')

Creating a new organization with custom analysis links:

>>> org = sc.organization.create(
...     'Sample Organization',
...     info_links=[
...         ('SANS', 'https://isc.sans.edu/ipinfo.html?ip=%IP%')
... ])

delete(organization_id)[source]¶

Remove the specified organization from Tenable Security Center

SC organization Delete

Parameters: organization_id (int) – The numeric id of the organization to delete.
Returns: Empty response string
Return type: str

Examples

>>> sc.organization.delete(1)

details(organization_id, fields=None)[source]¶

Retrieves the details for the specified organization.

SC Organization Details

Parameters

organization_id (int) – The numeric id of the organization.
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the organization details API doc.

Returns

The organization resource record.

Return type

dict

Examples

>>> org = sc.organization.details(1)

edit(organization_id, **kwargs)[source]¶

Updates an existing organization

SC Organization Edit

Parameters

organization_id – The numeric id of the organization.
info_links (list, optional) – A list of custom analysis links provided to users within the host vulnerability details when analyzing data outside of SecurityCenter is desired.
lce_ids (list, optional) – What Log Correlation Engines (if any) should this organization be allowed to access? If left unspecified no LCE engined will be granted to this organization.
ldap_ids (list, optional) – What ldap server configuration ids should be used with this organization?
name (str, optional) – The name for organization.
nessus_managers (list, optional) – Nessus Manager scanner for Nessus Agent scan imports.
pub_sites (list, optional) – A list of publishing site ids to associate this organization.
repos (list, optional) – A list of Repository ids to associate to this organization.
restricted_ips (list, optional) – A list of IP addresses, CIDRs, and/or IP ranges that should never be scanned.
vuln_score_low (int) – The vulnerability weighting to apply to low criticality vulnerabilities for scoring purposes. (Default: 1)
vuln_score_medium (int) – The vulnerability weighting to apply to medium criticality vulnerabilities for scoring purposes. (Default: 3)
vuln_score_high (int) – The vulnerability weighting to apply to high criticality vulnerabilities for scoring purposes. (Default: 10)
vuln_score_critical (int) – The vulnerability weighting to apply to critical criticality vulnerabilities for scoring purposes.(Default: 40)
zone_selection (str) – What type of scan zone selection should be performed? Available selection types are as follows: auto_only, locked, selectable+auto, selectable+auto_restricted. If left unspecified, the default is auto_only.
zones (list, optional) – When zone_selection is not auto_only, this field must be filled with list of ids from available scan zone(s).

Returns

The updated organization resource record.

Return type

dict

Examples

>>> sc.organization.edit(1, name='New Name')

list(fields=None)[source]¶

Retrieves a list of organizations.

SC organization List

Parameters: fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the organization list API doc.
Returns: List of organization definitions.
Return type: list

Examples

Retrieve all of all of the organizations:

>>> repos = sc.organizations.list()

manager_create(org_id, username, password, role, **kwargs)[source]¶

Creates a new security manager for the given org. For a complete list of parameters that are supported for this call, please refer to tio.users.create() for more details.

organization-security-manager: create

Parameters

org_id – (int): The numeric identifier for the organization.
username (str) – The username for the account
password (str) – The password for the user to create
role (int) – The role that should be assigned to this user.
**kwargs (dict) – The keyword args to pass to the user constructor.

Returns

The newly created security manager.

Return type

dict

Examples

>>> secmngr = sc.organizations.manager_create(1,
...     'username', 'password', 1)

manager_delete(org_id, user_id, migrate_to=None)[source]¶

Removes the user specified.

organization-security-manager: delete

Parameters

org_id – (int): The numeric identifier for the organization.
user_id – (int): The numeric identifier for the user.

Examples

>>> sc.organizations.manager_delete(1, 1)

manager_details(org_id, user_id, fields=None)[source]¶

Retrieves the details of a specified security manager within a specified organization.

organization-security-manager: details

Parameters

org_id – (int): The numeric identifier for the organization.
user_id – (int): The numeric identifier for the user.
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the organization list API doc.

Returns

The user resource record.

Return type

dict

Examples

>>> secmngr = sc.organizations.manager_details(1, 1)

manager_edit(org_id, user_id, **kwargs)[source]¶

Edits the specified security manager within the specified organization. For details on the supported arguments that may be passed, please refer to tio.users.edit() for more details.

organization-security-manager: edit

Parameters

org_id – (int): The numeric identifier for the organization.
user_id – (int): The numeric identifier for the user.
**kwargs (dict) – The keyword args to pass to the user constructor.

Returns

The updated user record.

Return type

dict

Examples

>>> secmngr = sc.organizations.manager_edit(1, 1,
...     username='updated')

managers_list(org_id, fields=None)[source]¶

Retrieves a list of security managers.

organization-security-manager: list

Parameters

org_id – (int): The numeric identifier for the organization.
fields (list, optional) – The list of fields that are desired to be returned. For details on what fields are available, please refer to the details on the request within the organization list API doc.

Returns

List of user definitions.

Return type

list

Examples

Retrieve all of the security managers for a given org.: >>> repos = sc.organizations.managers_list()

recast_risk_rules(organization_id, repos=None, plugin=None, port=None)[source]¶

Retrieves the recasted risk rules for the organization and optionally will filter based on the parameters specified.

organization: recast-risk-rule

Parameters

organization_id (int) – The organization id.
repos (list, optional) – A list of repository ids to restrict the search to.
plugin (int, optional) – A plugin id to restrict the search to.
port (int, optional) – A port number to restrict the search to.

Returns

A list of rules that match the request.

Return type

list

Examples

>>> for rule in sc.organizations.recast_risk_rules(1):
...     pprint(rule)