Skip to main content
Glama
nguyenthdat

tenable-mcp

by nguyenthdat

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
TENABLE_IO_URLNoTenable.io base URLhttps://cloud.tenable.com
TENABLE_SC_URLNoTenable.sc URL (enables SC support)
TENABLE_TIMEOUTNoConnection timeout in seconds120
TENABLE_PAGE_SIZENoDefault page size for paginated requests100
TENABLE_ACCESS_KEYYesTenable API access key
TENABLE_SECRET_KEYYesTenable API secret key
TENABLE_VERIFY_SSLNoSet to false to disable SSL verificationtrue

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": false
}
prompts
{
  "listChanged": false
}
resources
{
  "subscribe": false,
  "listChanged": false
}
experimental
{}

Tools

Functions exposed to the LLM to take actions

NameDescription
tenable_list_assetsA

List assets from Tenable Vulnerability Management.

Returns a paginated list of assets with optional filters for hostname, IP address, tracking method, and network.

Example: Input: {"hostname": "web-server", "limit": 10} Output: {"assets": [...], "total": 10}

tenable_get_assetA

Get detailed information about a specific asset.

Example: Input: {"uuid": "123e4567-e89b-12d3-a456-426614174000"} Output: {"id": "...", "hostname": "server01", "ipv4": "10.0.0.1", ...}

tenable_get_asset_vulnerabilitiesB

Get vulnerabilities for a specific asset.

Example: Input: {"uuid": "123e4567-...", "severity": "critical"} Output: {"vulnerabilities": [...], "total": 5}

tenable_search_vulnerabilitiesB

Search for vulnerabilities across all assets.

Uses the Tenable exports API with extensive filtering for severity, CVE, exploit availability, port, protocol, tags, and time range.

Example: Input: { "severity": "critical", "exploit_available": true, "since": 1700000000, "limit": 50 } Output: {"vulnerabilities": [...], "total": 12}

tenable_get_vulnerability_detailsB

Get detailed information about a specific vulnerability or plugin.

Provide either vuln_id (finding UUID) or plugin_id (Nessus plugin ID).

Example: Input: {"plugin_id": 19506} Output: {"id": 19506, "name": "Apache Log4j ...", "cve": ["CVE-2021-44228"], ...}

tenable_list_findingsC

List vulnerability findings using the Tenable exports API.

Uses the modern exports.vulns() API for the most current view of vulnerabilities across your environment.

Example: Input: {"severity": "high", "state": "OPEN", "limit": 100} Output: {"findings": [...], "total": 45}

tenable_list_scansA

List configured scans.

Returns a list of all scans (or filtered by folder/name).

Example: Input: {"limit": 20} Output: {"scans": [...], "total": 5}

tenable_get_scanB

Get detailed information about a specific scan.

Example: Input: {"scan_id": 123} Output: {"id": 123, "name": "Weekly Scan", "status": "completed", ...}

tenable_launch_scanA

Launch a scan.

WARNING: This is a state-changing operation. Set confirm: true to proceed.

Example: Input: {"scan_id": 123, "confirm": true} Output: {"scan_uuid": "...", "status": "launched"}

tenable_export_scanC

Export scan results.

The export is downloaded as a file. Supported formats: nessus, csv, html, pdf, db.

Example: Input: {"scan_id": 123, "format": "csv"} Output: {"file_id": "...", "format": "csv", "status": "ready"}

tenable_download_scan_exportA

Export a scan and save it to a specified file path.

Use this when you need to control where the exported file is saved, rather than using a temporary location.

Example: Input: { "scan_id": 123, "output_path": "/home/user/weekly_scan.csv", "format": "csv" } Output: {"file_path": "/home/user/weekly_scan.csv", "status": "completed"}

tenable_search_pluginsC

Search for Tenable plugins by name, family, CVE, or other criteria.

Example: Input: {"query": "Apache Log4j", "cve": "CVE-2021-44228", "limit": 10} Output: {"plugins": [...], "total": 3}

tenable_get_plugin_detailsA

Get detailed information about a specific plugin.

Includes CVSS scores, CVE references, solution, and exploit information.

Example: Input: {"plugin_id": 19506} Output: { "id": 19506, "name": "Apache Log4j ...", "cvss_base_score": 10.0, "cve": ["CVE-2021-44228"], ... }

tenable_list_tagsB

List configured tags.

Tags are key-value pairs used to organize and filter assets (e.g., 'Location:US-East', 'Environment:Production').

Example: Input: {"category": "Location", "limit": 20} Output: {"tags": [...], "total": 5}

tenable_was_exportA

Export Web Application Scanning (WAS) findings.

Retrieves web application vulnerability findings with optional date and status filters.

Example: Input: {"scan_status": "completed", "scan_started_after": "2024/01/01"} Output: {"was_findings": [...], "total": 5}

tenable_was_download_reportB

Download a Web Application Scanning (WAS) report.

Retrieves the detailed report for a specific WAS scan.

Example: Input: {"scan_uuid": "123e4567-e89b-12d3-a456-426614174000"} Output: {"report": {...}, "scan_uuid": "..."}

tenable_health_checkA

Check connectivity and health of the Tenable.io service.

Verifies that the configured credentials are valid and the API is reachable. Returns server properties and status.

Example: Input: {} Output: { "status": "healthy", "server": {"version": "...", "uuid": "..."}, "license": {...} }

Prompts

Interactive templates invoked by user choice

NameDescription

No prompts

Resources

Contextual data attached and managed by the client

NameDescription

No resources

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/nguyenthdat/tenable-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server