Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
tenable_asc Upped revision to 1.0.1 #1 Dec 3, 2019
.gitignore initial commit Nov 1, 2019 Upped revision to 1.0.1 #1 Dec 3, 2019 Update readme Nov 22, 2019 for Azure Security Center

Please Note: This script leverages preview APIs for Azure Security Center (ASC). While this is expected, the API may change unexpectedly on the Microsoft side. However, we plan to update this integration as Microsoft updates their APIs for ASC.

This integration is designed to pull vulnerabilities from Azure assets and summarize (count) them by severity. Once the vulnerabilities are summarized for each Azure asset, the integration creates an Azure Security Center recommendation for each host. The recommendation includes a summary of the number of vulnerabilities on each host and lists them by severity.

This integration can be run as a one-shot ingest or continuous service.


  • A working Azure connector in your instance
  • A set of Azure credentials for the integration to use. You will need to know the App Secret, App ID, and Tenant ID. See the Azure documentation for instructions.
  • A set of API keys with the Administrator role. See the Generate API Key Instructions for more information.
  • A host to run the script on. This can be located anywhere as the integrations is linking cloud-to-cloud.


pip install .


The following script details, both, command-line arguments and equivalent environment variables.

Usage: tenable-asc [OPTIONS] -> Azure Security Center Transformer & Ingester

  --tio-access-key TEXT Access Key
  --tio-secret-key TEXT Secret Key
  -b, --batch-size INTEGER  Export/Import Batch Sizing
  -v, --verbose             Logging Verbosity
  -r, --run-every INTEGER   How many hours between recurring imports
  --auth-uri TEXT           Azure Security Center authentication URI
  --azure-uri TEXT          Azure Security Center API base URI
  --azure-app-id TEXT       Azure Security Center application id
  --azure-tenant-id TEXT    Azure Security Center tenant id
  --azure-app-secret TEXT   Azure Security Center application secret
  --help                    Show this message and exit.

Example Usage

Run the import once:

tenable-asc                                     \
    --tio-access-key {TIO_ACCESS_KEY}           \
    --tio-secret-key {TIO_SECRET_KEY}           \
    --azure-app-id {AZURE_APP_ID}               \
    --azure-tenant-id {AZURE_TENANT_ID}         \
    --azure-app-secret {AZURE_APP_SECRET}

Run the import once an hour:

tenable-asc                                     \
    --tio-access-key {TIO_ACCESS_KEY}           \
    --tio-secret-key {TIO_SECRET_KEY}           \
    --azure-app-id {AZURE_APP_ID}               \
    --azure-tenant-id {AZURE_TENANT_ID}         \
    --azure-app-secret {AZURE_APP_SECRET}
    --run-every 1



You can’t perform that action at this time.