Knowledge Base

Streamline your process with integrations

Vulnerability assessment tools

Integrate Nessus with Autobahn Fit

Ingest data from Nessus into Autobahn Fit using internal satellites

By integrating Nessus with Autobahn Fit, you will be able to view all your scan information in one platform, including the necessary remediation steps for identified vulnerabilities. Imported scans will be conveniently displayed on the Scan page for easy access and management.

In order to set up this integration, you will need to install an internal satellite that will regularly pull data from Nessus.

1. Nessus setup

1.1. Get Nessus API server URL
1.2. Create Nessus username and password

2. Autobahn Fit setup

2.1. Install Autobahn worker
2.2. Install Docker Image
2.3. Install the integration satellite
2.4. Allow outbound connections

3. View your pulled scans on Scans page

4. Enable/Disable active instances

1.1. Get Nessus API server URL

Caution: Generating a new API key replaces any existing keys and deauthorizes any linked applications

1 - Login into your Nessus account.

2 - Navigate to the Settings page. You will be directed to the About tab.

3 - Open the My Account tab.

4 - On the My Account tab, click the Generate button.

A dialog box appears, confirming your selection to generate a new API key. Click the Generate button to confirm. A URL will be generated, copy the one with `api` in its name.

Example value: https://168.119.132.212:8080 or http://168.119.132.212:8080

Tip: To access the Tenable Nessus API documentation, navigate to:

<Tenable Nessushost>:<port>/api#/overview.

1.2. Create a Nessus username and password

If you already have an existing Nessus user, you can use the credentials to integrate your Nessus account. Otherwise, follow these steps to create a new username and password:

Note: You can only perform this procedure in Tenable Nessus Manager. You cannot have multiple user accounts in Tenable Nessus Professional or Tenable Nessus Expert.

1 - Login into your Nessus account.

2 - In the top navigation bar, click Settings.

3 - The About page appears, in the left navigation bar, click the My Account button.

4 - In the upper right corner of Users page, click the New User button.

5 - Type in the settings as necessary.

6 - Select a role for the user.

Note: You cannot modify a username after the account is created.

7 - Copy the username and password that you input.

8 - Click Save to save the new user. Your account will appear on the account list.

2. Integrate Nessus with Autobahn Fit

After you collect the required credentials, log into your Autobahn Fit account and navigate to the Integrations page.

1 - Click on ‘Integrations’.

2 - Click Configure on the Tenable - Nessus Internal Satellites card.

If you already have Nessus configured, this means that someone in your organization has already configured the Nessus account, and this applies organization-wide.

4 - You will be directed to Configure an integration page. Click the Add instance button.

A form to add your instance credentials will appear. Fill out the form accordingly.

Label: Label to differentiate the different instances.
API server: The path or URL that redirects to the API server of your Nessus installation.
Username: The minimum permission of the user you are using for the Autobahn integration is Read/Run Reports.
Password: Password for the added user.
Network: Currently, only an internal network is available.
Pull from: The date of the scans to be pulled from. For example: if you select 10 January 2023, all scans that were created since 10 January 2023 onwards will be imported.
Frequency: The pulling frequency and how often does our engine pull the data.

8 - Once filled, click the Save button to save the instance.

Tip: you can add multiple instances.

2.1. Install Autobahn worker

You need to download Autobahn worker after adding your instance(s). The worker is then able to collect Nessus data and push it to Autobahn's cloud. This avoids having to make any firewall changes to allow inbound connections.

1 - Click the download button in the instance card on the Integration page.

2 - Install the downloaded Autobahn worker on the same network as your Nessus probe.

Tip: If you added multiple instances on the Integration page, you need to download the worker from all the added instances and repeat the steps.

2.2. Install Docker Image

Autobahn is deployed via a Docker image. Please note that the server hosting the docker should have at least 4 CPU cores, 8 GB RAM, 100GB HDD, and internet access.

Docker installation steps may differ depending on the installed operating system. Please refer to the Docker official site for installation tutorials based on the operating system (Reference: Install Docker Engine ).

After Docker installation, please follow the post-install step as described in Linux post-installation steps for Docker Engine. As a quick summary, we are granting current user permission to run Docker commands.

You can install a pre-configured image through the Autobahn Docker registry with these steps:

1 - You need to have docker installed on your system as Autobahn is deployed via a docker image. On Ubuntu, this command installs docker:

$ sudo apt install docker.io

More information: Docker: Accelerated, Containerized Application Development

Ensure your user account has permission to run this command.

2 - Next, ensure that your user account can start Docker containers by running these commands:

$ sudo groupadd docker

$ sudo usermod -aG docker ${USER}

3 - At this point, you need to log out and log in again for the group change to be effective

$ docker ps

2.3. Install the integration satellite

1 - Execute the following command to extract the configuration and installation files, and to install the Integration Satellite Docker image.

 $ unzip instance_name.zip

Replace instance_name with the name of the zip file that you have.

 $ cd integration_satellite

2 - Then run the satellite using the following command to start pulling the dat

$ ./autobahn_probe.sh run

The prompt will notify you that the satellite is running.

The instance status in the Dashboard will be changed to Active after 5 minutes after the satellite is successfully deployed.

Other important command worth noting:

Upgrade to the latest Integration Satellite:

$ ./autobahn_probe.sh run

Stop running satellite:

$ ./autobahn_probe.sh stop

Uninstall the Integration Satellite from Docker:

 $ ./autobahn_probe.sh uninstall

For more information on each script, run them with

 ./autobahn_probe.sh help

2.4. Allow outbound connections

The Docker host needs to be able to reach these IP addresses to provide direct (secured) connections to the Autobahn platform:

http://hub.docker.com:443
auth.docker.io:443
registry-1.docker.io:443
http://index.docker.io/:443
dseasb33srnrn.cloudfront.net:443
http://production.cloudflare.docker.com/:443
mq.app.autobahn-security.com:443

After following these steps, the worker will be activated and you should see the Instance card on the integration page labelled as "Active". It may take time for the scans to be pulled.

3. View your scans on the Scans page

Navigate to the Scans page to check your scans. The pulled scans on the pages have the Tenable - Nessus Internal Satellites logo in the Origin column.

4. Enable/Disable active instances

After adding multiple instances to the Autobahn platform, you may want to disable instances that are no longer relevant to your organization. You can do that by clicking the toggle in the instance card.

Disabling an instance will prevent our engine from fetching new scans from that instance. The previously fetched scans will not be removed.

You can enable the data fetching by clicking the toggle on the disabled instance. Once reenabled, our engine will fetch the scan data from the last pull date.