Tenable.cs integrations with the Vulnerability Response and Container Vulnerability Response application

Release version: Zurich

Updated July 31, 2025

3 minutes to read

Summarize

Summarized using AI

Summary of Tenable.cs integrations with the Vulnerability Response and Container Vulnerability Response application

The Tenable.cs integrations enhance the Vulnerability Response and Container Vulnerability Response applications in ServiceNow, enabling customers to efficiently manage vulnerability data from Tenable.cs, a cloud-based enterprise security platform. Starting with Vulnerability Response version 20.0, scanned assets by agents are clearly marked, improving the authenticity verification of scan results.

Show full answer Show less

These integrations support multi-source configurations, allowing multiple instances of Tenable.io, Tenable.sc, and Tenable.cs integrations to be deployed across your environment via the Setup Assistant.

Key Features

Tenable.cs Cloud Container Assets Integration: Retrieves container asset data and creates or updates configuration items (CIs) such as Discovered Container Images, Docker Images, and Container Repositories.
Tenable.cs Open Cloud Container Vulnerabilities Integration: Runs automatically after container asset integration; pulls container vulnerability data filtered by severity, creates or updates relevant CIs, and generates new or reopened container vulnerable items (CVIs), along with associated findings and CVEs.
Tenable.cs Fixed Cloud Container Vulnerabilities Integration: Triggered after the Open Cloud Container Vulnerabilities Integration; retrieves and processes fixed container vulnerabilities, creating CVIs and related data in a closed state.
Tenable.cs Open Cloud Host Vulnerabilities Integration: Retrieves host vulnerability data filtered by severity, creates or updates CIs, and outputs new or reopened vulnerable items (VIs) and associated findings and CVEs, with vulnerabilities marked as open.
Tenable.cs Fixed Cloud Host Vulnerabilities Integration: Triggered after the Open Cloud Host Vulnerabilities Integration; processes fixed host vulnerabilities, marking related VIs as closed.

User Authentication and Integration Stability

User authentication for Tenable.sc integrations is supported natively by ServiceNow AI Platform® and Tenable.sc version 5.13. For earlier versions (5.12 and below), user authentication is mandatory. Token expiration during integration runs is handled automatically with tokens refreshed in the background, so no manual intervention is required despite error messages indicating expired tokens.

Practical Benefits for ServiceNow Customers

Seamless integration and synchronization of vulnerability and asset data from Tenable.cs into ServiceNow’s Vulnerability Response modules.
Improved accuracy and timeliness of vulnerability management through automated data retrieval and processing workflows.
Support for multi-instance deployment allows scalable and flexible integration across complex environments.
Clear visibility into the state of vulnerabilities (open or closed) and assets, aiding in prioritization and remediation efforts.
Reduced administrative overhead with automatic token management for Tenable.sc integrations, ensuring continuous and reliable data integration.

The Tenable.cs integrations in the Vulnerability Response Integration with Tenable application are available in the Vulnerability Response and Container Vulnerability Response applications.

Starting with v20.0 Vulnerability Response, if an asset is scanned by an agent, the "Agent exists" column in the Discovered Items list displays "true," indicating that the scan is authentic.

List of Tenable.cs integrations

Multi-source is supported for all the Tenable.io, Tenable.sc, and Tenable.cs integrations. You can add and deploy multiple instances of the following integrations across your environment from Setup Assistant in Vulnerability Response. You can also install and configure the Vulnerability Response Integration with Tenable application from Setup Assistant.

Tenable.cs is a cloud-based enterprise integration. See the following table for the names and descriptions of the supported integrations for the Tenable.cs product.

Table 1. Tenable.cs integrations
Integration	Description
Tenable.cs Cloud Container Assets Integration	Retrieves all container asset data from the Tenable.cs product and processes it in your instance. Creates unique CIs for unmatched assets, or updates existing CIs. Coordinates the REST message calls to the Asset API. The output of this integration is Discovered Container Images, Docker Images, and Container Repositories.
Tenable.cs Open Cloud Container Vulnerabilities Integration	When activated, this integration runs automatically after the container assets integration is successfully completed as part of a chained integration run. Retrieves container vulnerability data based on the severity filters from the Tenable.cs product and processes it in your instance. Creates unique CIs for unmatched assets, or updates existing CIs. Coordinates the REST message calls to the Vulnerabilities API. The output of this integration is New/Reopenedcontainer vulnerable items (CVIs). If they don't exist, it also creates discovered container images, docker images, container repositories, image findings, third-party entries, and Common Vulnerabilities and Exposures (CVE).
Tenable.cs Fixed Cloud Container Vulnerabilities Integration	This integration is triggered on successful completion of the Tenable.cs Open Cloud Container Vulnerabilities Integration. Retrieves container vulnerability data based on the severity filters from the Tenable.cs product and processes it in your instance. Creates unique CIs for unmatched assets, or updates existing CIs Coordinates the REST message calls to the Vulnerabilities API. The output of this integration is New/Reopened container vulnerable items (CVIs). If they don't exist, it also creates discover container images, docker images, container repositories, image findings, third-party entries, and CVEs. Image findings are created in closed state.
Tenable.cs Open Cloud Host Vulnerabilities Integration	Retrieves vulnerability data based on the severity filters from the Tenable.cs product and processes it in your instance. Creates unique CIs for unmatched assets, or updates existing CIs. Coordinates the REST message calls to the Vulnerabilities API. The output of this integration is New/Reopened vulnerable items (VIs). If they don't exist, it also creates configuration items, third-party entries, and CVEs. Vulnerability Detections are created in open state.
Tenable.cs Fixed Cloud Host Vulnerabilities Integration	This integration is triggered on successful completion of the Tenable.cs Open Cloud Host Vulnerabilities Integration. Retrieves vulnerability data based on the severity filters from the Tenable.cs product and processes it in your instance. Creates unique CIs for unmatched assets, or updates existing CIs. Coordinates the REST message calls to the Vulnerabilities API. The output of this integration is close vulnerable items (VIs). If they don't exist, it also creates configuration items, third-party entries, and CVEs. Vulnerability Detections are created in closed state.

User authentication and Tenable.sc

User authentication is supported by your ServiceNow AI Platform® instance and version 5.13 of the Tenable.sc product. User authentication is required if you’re using version 5.12 and earlier of the Tenable.sc product.

When you select user authentication for the Tenable.sc integrations, tokens might expire and be replaced during integration runs. In the Notes column on the Vulnerability Integration Run record (VIN), the following message is displayed for a process when a token expires, Error: Token validation is failed. If this message is displayed, no action is required. Expired tokens are automatically refreshed in the background and the message doesn’t indicate a pause or error with the integration process.