This script will allow tenable.io users to pull listed CVEs from vulnerability scans for use with the Flashpoint Platform. The scripts will generate two files with the scan name, one will use pipe seperators for the UI search and the other will use comma separators for the CVE search.
Python 3.7 is required to run this script, to setup this environment to run you would create a virtual environment for the application:
virtualenv -p python3 venv
source venv/bin/activate
The required Python libraries can be found in the requirements.txt. They can be installed using:
pip install -r requirements.txt
Please be aware any time you need to run this script you would need to run source venv/bin/activate from the directory you set that up in.
The script can use a configuration file or options set while running the script.
The following is the configuration setup, you can use the provided template tenable_fp.conf.TEMPLATE or create your own.
[tenable_keys]
access_key = <tenable_access_key>
secret_key = <tenable_secret_key>
[tenable_scan]
scan_id = <scan_id>
If you decide to use the template, please be sure to rename the from from tenable_fp.conf.TEMPLATE to tenable_fp.conf and fill in your values.
Running tenable_api.py can handle some switches, below is the help text from tenable_api.py -h:
usage: tenable_api.py [-h] [--access ACCESS] [--secret SECRET] [--scan SCAN]
[--config CONFIG]
Pull CVEs from Tenable Scanner for use with the Flashpoint Platform. An Access Key, Secret Key and Scan ID must be provided or a configuration file using the -config tag. A default configuration file can be stored in the same directory as this script with the name of tenable_fp.conf which should be provided with this script.
optional arguments:
-h, --help show this help message and exit
--access ACCESS Access key for Tenable
--secret SECRET Secret Key for Tenable
--scan SCAN Scan id (#)
--config CONFIG Path to a Configuration File
If you're running with the switches you are required to use --access <access_key> --secret <secret_key> --scan <scan_id>