Nessus Scanner Integration¶
Overview¶
This integration allows you to connect to Nessus Scanner to manage vulnerability scans, including creating, launching, retrieving reports, and listing scan templates.
Configuration¶
The configuration for this integration (Nessus URL, Access Key, Secret Key, etc.) is managed within the SOAR platform’s Marketplace tab. The actions utilize these pre-configured settings.
Actions¶
Get Scan Templates¶
Get all scan templates from the Nessus server.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the list of available scan templates.
Get Scan Report¶
Get a full report on the scan results for a specified scan name.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.scan_name(string, required): Scan display name.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the detailed scan report.
Launch Scan¶
Launch scan on the Nessus server by scan name.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.scan_name(string, required): Scan display name.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on. Supports IP Address and Hostname entities.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the result of the scan launch operation.
Create Scan¶
Create a new scan in Nessus with a template.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.scan_name(string, required): Scan display name.scan_template_title(string, required): Scan template title value.description(string, optional): Description content.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on. Supports IP Address and Hostname entities.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the result of the scan creation, likely including the new scan ID.
Ping¶
Test Connectivity to Nessus Scanner.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the result of the ping action.
Get Scans¶
Fetch a list of existing scans from the Nessus server.
Arguments:
case_id(string, required): The ID of the case.alert_group_identifiers(List[string], required): Identifiers for the alert groups.target_entities(List[TargetEntity], optional): Optional list of specific target entities (Identifier, EntityType) to run the action on.scope(string, optional): Defines the scope for the action. Defaults to “All entities”.
Returns:
dict: A dictionary containing the list of existing scans.
Notes¶
Ensure the Nessus Scanner integration is properly configured in the SOAR Marketplace tab with the correct URL and API keys.
Actions involving scans typically operate on IP Address or Hostname entities specified in the scan configuration or target entities.