Welcome to Tenable API Explorer! This API Explorer provides complete reference documentation for all available Vulnerability Management, Web App Scanning, Identity Exposure, Cloud Security, Container Security, PCI ASV, Attack Surface Management, MSSP, and Downloads API endpoints based on OpenAPI 3 (formerly known as Swagger) specification. You can try most of the API calls out of the box.
The available Tenable product APIs are organized into the following functional categories:
- Tenable Platform & Settings
- Vulnerability Management
- Web App Scanning
- Attack Path Analysis
- PCI ASV
- Managed Security Service Provider (MSSP) Portal
- Identity Exposure
- Attack Surface Management
- Downloads
Scroll down the page to view the information for these APIs or use search to look for specific terms.
Tenable Platform & Settings
The Tenable Platform API includes endpoints for access control, agents, connectors, exclusions, networks, permissions, scanners, tags, and other platform settings.
For background information about user and group management, see the Access Control in the Tenable Vulnerability Management User Guide.
Vulnerability Management
The Tenable Vulnerability Management API enables users to programmatically manage assets, scans, and policies from the cloud. The endpoints provide actionable insight into your entire infrastructure's security risks, allowing you to quickly and accurately identify, investigate, and prioritize vulnerabilities and misconfigurations in your modern IT environment.
For more information about Tenable Vulnerability Management, see the Tenable Vulnerability Management User Guide.
Web App Scanning
The Tenable Web App Scanning API endpoints enable users to automate the security management of web applications. You can safely and accurately scan web applications, providing deep visibility into vulnerabilities and context for prioritizing remediations.
For more information about Tenable Web App Scanning, see the Tenable Web App Scanning User Guide.
Attack Path Analysis
The Tenable Attack Path Analysis API enables users to retrieve details about attack path findings. A Finding is an attack technique that exists in one or more attack paths that lead to one or more critical assets. The Findings tab in Attack Path Analysis takes your data and pairs it with advanced graph analytics and the MITRE ATT&CK® Framework to create Findings, which enables you to understand and act on the unknowns that enable and amplify threat impact on your assets and information.
For more information about findings, see Findings in the Tenable Attack Path Analysis User Guide.
PCI ASV
Tenable's PCI ASV streamlines the quarterly external vulnerability scan submission and dispute process as required by PCI. You can use the PCI ASV API to retrieve a list of PCI ASV attestations, disputes, and scans.
For more information about PCI ASV, see Get Started with PCI ASV Scanning in the Tenable Vulnerability Management User Guide.
Managed Security Service Provider (MSSP) Portal
The Tenable Managed Security Service Provider (MSSP) Portal API provides a secure and accessible way for MSSP administrators to manage and maintain multiple customer instances of Tenable products. Endpoints in the Tenable MSSP Portal API enables you to view and manage your MSSP customer accounts.
For more information about Tenable MSSP, see the Tenable Managed Security Service Provider User Guide.
Identity Exposure
The Tenable Identity Exposure API enables you to secure your infrastructure by anticipating threats, detecting breaches, and responding to incidents and attacks. You can programmatically monitor indicators of attack and indicators of exposure to allow you to discover underlying issues affecting your Active Directory, identify dangerous trust relationships, and analyze in-depth details of attacks.
For more information about Tenable Identity Exposure, see the Tenable Identity Exposure User Guide.
Attack Surface Management
Tenable Attack Surface Management enables you to identify internet-accessible assets that may or may not be known to your organization. Attack Surface Management identifies assets using DNS records, IP addresses, and ASN, and includes more than 180 columns of metadata to help you organize and inventory your assets.
For more information about Tenable Attack Surface Management, see the Tenable Attack Surface Management User Guide.
Downloads
The Downloads API enables customers to access and download installation and update files for available Tenable products. You can use the API endpoints to list product pages, list downloads available for a specific product, and to download a file. The endpoints can also be used to determine and download the latest version of a file to facilitate the automation of an installation.