tenable-mcp
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| TENABLE_IO_URL | No | Tenable.io base URL | https://cloud.tenable.com |
| TENABLE_SC_URL | No | Tenable.sc URL (enables SC support) | |
| TENABLE_TIMEOUT | No | Connection timeout in seconds | 120 |
| TENABLE_PAGE_SIZE | No | Default page size for paginated requests | 100 |
| TENABLE_ACCESS_KEY | Yes | Tenable API access key | |
| TENABLE_SECRET_KEY | Yes | Tenable API secret key | |
| TENABLE_VERIFY_SSL | No | Set to false to disable SSL verification | true |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| tenable_list_assetsA | List assets from Tenable Vulnerability Management. Returns a paginated list of assets with optional filters for hostname, IP address, tracking method, and network. Example: Input: {"hostname": "web-server", "limit": 10} Output: {"assets": [...], "total": 10} |
| tenable_get_assetA | Get detailed information about a specific asset. Example: Input: {"uuid": "123e4567-e89b-12d3-a456-426614174000"} Output: {"id": "...", "hostname": "server01", "ipv4": "10.0.0.1", ...} |
| tenable_get_asset_vulnerabilitiesB | Get vulnerabilities for a specific asset. Example: Input: {"uuid": "123e4567-...", "severity": "critical"} Output: {"vulnerabilities": [...], "total": 5} |
| tenable_search_vulnerabilitiesB | Search for vulnerabilities across all assets. Uses the Tenable exports API with extensive filtering for severity, CVE, exploit availability, port, protocol, tags, and time range. Example: Input: { "severity": "critical", "exploit_available": true, "since": 1700000000, "limit": 50 } Output: {"vulnerabilities": [...], "total": 12} |
| tenable_get_vulnerability_detailsB | Get detailed information about a specific vulnerability or plugin. Provide either vuln_id (finding UUID) or plugin_id (Nessus plugin ID). Example: Input: {"plugin_id": 19506} Output: {"id": 19506, "name": "Apache Log4j ...", "cve": ["CVE-2021-44228"], ...} |
| tenable_list_findingsC | List vulnerability findings using the Tenable exports API. Uses the modern exports.vulns() API for the most current view of vulnerabilities across your environment. Example: Input: {"severity": "high", "state": "OPEN", "limit": 100} Output: {"findings": [...], "total": 45} |
| tenable_list_scansA | List configured scans. Returns a list of all scans (or filtered by folder/name). Example: Input: {"limit": 20} Output: {"scans": [...], "total": 5} |
| tenable_get_scanB | Get detailed information about a specific scan. Example: Input: {"scan_id": 123} Output: {"id": 123, "name": "Weekly Scan", "status": "completed", ...} |
| tenable_launch_scanA | Launch a scan. WARNING: This is a state-changing operation. Set Example: Input: {"scan_id": 123, "confirm": true} Output: {"scan_uuid": "...", "status": "launched"} |
| tenable_export_scanC | Export scan results. The export is downloaded as a file. Supported formats: nessus, csv, html, pdf, db. Example: Input: {"scan_id": 123, "format": "csv"} Output: {"file_id": "...", "format": "csv", "status": "ready"} |
| tenable_download_scan_exportA | Export a scan and save it to a specified file path. Use this when you need to control where the exported file is saved, rather than using a temporary location. Example: Input: { "scan_id": 123, "output_path": "/home/user/weekly_scan.csv", "format": "csv" } Output: {"file_path": "/home/user/weekly_scan.csv", "status": "completed"} |
| tenable_search_pluginsC | Search for Tenable plugins by name, family, CVE, or other criteria. Example: Input: {"query": "Apache Log4j", "cve": "CVE-2021-44228", "limit": 10} Output: {"plugins": [...], "total": 3} |
| tenable_get_plugin_detailsA | Get detailed information about a specific plugin. Includes CVSS scores, CVE references, solution, and exploit information. Example: Input: {"plugin_id": 19506} Output: { "id": 19506, "name": "Apache Log4j ...", "cvss_base_score": 10.0, "cve": ["CVE-2021-44228"], ... } |
| tenable_list_tagsB | List configured tags. Tags are key-value pairs used to organize and filter assets (e.g., 'Location:US-East', 'Environment:Production'). Example: Input: {"category": "Location", "limit": 20} Output: {"tags": [...], "total": 5} |
| tenable_was_exportA | Export Web Application Scanning (WAS) findings. Retrieves web application vulnerability findings with optional date and status filters. Example: Input: {"scan_status": "completed", "scan_started_after": "2024/01/01"} Output: {"was_findings": [...], "total": 5} |
| tenable_was_download_reportB | Download a Web Application Scanning (WAS) report. Retrieves the detailed report for a specific WAS scan. Example: Input: {"scan_uuid": "123e4567-e89b-12d3-a456-426614174000"} Output: {"report": {...}, "scan_uuid": "..."} |
| tenable_health_checkA | Check connectivity and health of the Tenable.io service. Verifies that the configured credentials are valid and the API is reachable. Returns server properties and status. Example: Input: {} Output: { "status": "healthy", "server": {"version": "...", "uuid": "..."}, "license": {...} } |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/nguyenthdat/tenable-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server