# Tenable MCP

> Tenable connects your entire vulnerability management program directly to any AI agent. You can list all assets, check deep telemetry like OS fingerprints and IPs, find specific security findings (CVEs) on individual machines, or manually launch immediate scans—all without leaving your chat window or IDE.

## Overview
- **Category:** fort-knox
- **Price:** Free
- **Tags:** cybersecurity, exposure-management, asset-intelligence, cve-triage, vulnerability-assessment, cloud-security

## Description

This MCP brings your Tenable enterprise environment into your conversation flow. Instead of logging into multiple dashboards to build a risk profile, you talk to your agent about it. You can list all discovered assets and immediately pull deep details on any host, including its OS fingerprint and tags. Need to know what vulnerabilities are hitting a specific machine? Just ask for the security findings, and you get them directly. If you find an asset that looks risky, you don't have to wait; you can manually trigger an immediate scan run right through your chat. This ability to execute complex checks instantly is why having this connector available on Vinkius makes a huge difference in speed.

It lets security analysts pinpoint CVE details for compromised servers in seconds. DevSecOps engineers can launch scans on newly deployed infrastructure zones directly from their code editor, and IT admins can check the health of your scanning fleet to ensure everything is running right.

## Tools

### list_assets
Lists all hosts and cloud assets discovered in Tenable.io.

### get_asset_details
Retrieves detailed metadata, networking information, and the risk profile for a specific asset.

### get_scan_results
Pulls runtime analytics and vulnerability summaries for a specific scan job ID.

### launch_scan
Manually triggers an immediate execution of one of your configured vulnerability scans.

### list_scan_folders
Lists the different operational scan folders, like 'PCI Quarters' or 'My Scans'.

### list_logical_networks
Retrieves a list of Tenable's defined logical routing networks.

### list_scans
Lists all historical vulnerability assessment scans configured in Tenable.io.

### list_asset_tags
Displays organizational tags mapped across your assets, like 'Critical' or 'Production'.

### list_scanners
Lists all Nessus scanners that are managed by Tenable.io.

### get_asset_vulnerabilities
Retrieves explicit security findings, or Workbench results, for a specific asset ID.

## Prompt Examples

**Prompt:** 
```
Find the status and schedule of the 'Weekly PCI Scan'.
```

**Response:** 
```
I've queried your configured scans. The 'Weekly PCI Scan' is currently 'enabled' and actively on schedule (UUID: eb92f03f-xxxx). It is mapped to the 'PCI Quarters' logical folder. Last execution was 4 days ago. Do you want me to list its historical results?
```

**Prompt:** 
```
Retrieve all extreme vulnerabilities on asset ID 1383da-xxx.
```

**Response:** 
```
I pulled the Workbench findings for asset 1383da-xxx. I found 3 critical severity issues detected via plugin 104743 (Windows OTD exploit) and plugin 51192 (OpenSSL RCE). It seems the host is missing 4 months of standard OS patches. Shall I provide the exact CVE payload?
```

**Prompt:** 
```
Launch the scan with ID a981bf93 immediately.
```

**Response:** 
```
Scan a981bf93 has been successfully commanded to start. The job run ID is c2f90a1-xxxxx. It has been pushed to the scanner queues and will evaluate all tied network zones independently. Let me know when you want to retrieve the results.
```

## Capabilities

### Inventory Assets
List all host and cloud assets discovered in your Tenable environment.

### Check Asset Health
Pull detailed metadata, networking info, and the risk profile for any specific asset ID.

### Triage Vulnerabilities
Retrieve explicit security findings or CVEs affecting a single, targeted asset.

### Execute Scans On Demand
Manually trigger an immediate scan run using one of your configured assessment templates.

### View Scan Results
Get the full runtime analytics and vulnerability summaries for a specific, completed scan job.

## Use Cases

### Investigating an alert on a critical server
A security analyst gets an alert for Asset ID X. Instead of logging into the Tenable UI, they ask their agent to retrieve all vulnerabilities for Asset ID X. The agent immediately returns a list of 3 critical severity issues and details which plugin caused them.

### Validating network segmentation
An IT administrator needs confirmation that the newly deployed staging environment is properly segmented. They use the MCP to list logical networks, compare it against the asset tags, and verify that only authorized assets exist in that segment.

### Proving compliance for an audit
A team needs proof of vulnerability assessment coverage for PCI requirements. Instead of manually running reports, they ask the agent to list all scans related to 'PCI Quarters' and then retrieve the full scan results from the most recent run.

### Responding to a zero-day discovery
A vulnerability is announced for a common library. The engineer asks their agent to check specific assets against this CVE using the 'get_asset_vulnerabilities' tool, getting an instant list of all affected machines across the entire fleet.

## Benefits

- Get immediate visibility into risk. You can check a specific asset's security findings, pulling explicit CVE details without navigating complex dashboards or running manual reports.
- Manage infrastructure from your chat. DevSecOps teams can manually trigger scans on new zones directly from their code editor, making deployment and testing faster.
- See the whole picture of your network. You can list assets and then check detailed telemetry—OS fingerprints, IPs, tags—to understand exactly what you're protecting.
- Know if your scanners are working. Use this MCP to audit scanner health and confirm that host tags actually match the logical network topologies before a major project starts.
- Quickly assess scope. You can list all configured scans and scan folders (like 'PCI Quarters') to ensure you've covered every required compliance area.

## How It Works

The bottom line is you get actionable vulnerability data from your tenable platform without ever navigating complex web dashboards.

1. Subscribe to this MCP and enter your Tenable Access Key and Secret Key.
2. Tell your agent what you need. For example, 'Check the vulnerabilities for asset X' or 'Launch a scan on the new zone.'
3. The agent talks directly to Tenable, pulls the data, and presents the results in plain text right where you are working.

## Frequently Asked Questions

**How do I check if a specific asset has vulnerabilities using Tenable MCP?**
You use get_asset_vulnerabilities() to pull the explicit security findings for that single machine. This gives you immediate details on CVEs without needing a full scan.

**What is the best way to start a new vulnerability assessment?**
You first use list_scans() to see what assessments are configured, and then manually trigger an immediate run using launch_scan().

**Can I find out what tags my assets have?**
Yes, you can run list_asset_tags() to see all the organizational tags available across your environment.

**Does Tenable MCP help with compliance reporting?**
It helps by allowing you to easily list and retrieve results from specific scan folders (like 'PCI Quarters'), making it easier to prove coverage for an audit.

**How do I view the full data of a host?**
Use get_asset_details() with the asset ID. This pulls comprehensive metadata, networking details, and the overall risk profile in one go.