The actions included with the Tenable.io Action Bundle integrate with the Tenable.io API and provide visibility into the assets and vulnerabilities for an organization. The actions can run scans to identify vulnerabilities and submit data from a collection to retrieve vulnerability data for ingestion into the ThreatQ library.

The action bundle provides the following actions:

• Tenable.io Initiate Asset Scan - submits a list of FQDN / IP Addresses Assets to initiate a vulnerability scan.
• Tenable.io Find Vulnerable Assets - retrieves latest vulnerability scan results for FQDN / IP Addresses Assets.
• Tenable.io Remediated Assets - retrieves latest vulnerability scan results for FQDN / IP Address Assets and unrelates the ones that are related to the Asset, but are not vulnerable anymore.
• Tenable.io CVE Enrichment - enriches a CVE with additional context and assets.

The actions are compatible with the following system object types:

• Assets
• Indicators
• CVE
• Vulnerabilities

The actions return the following enriched system objects:

• Assets
• Indicators
• CVE
• Vulnerabilities

Note:  This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.