Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable and CyberArk

Simplify Scanning, Integrate With Privileged Access Management

Tenable and CyberArk Integration

Tenable integrates with CyberArk to simplify privileged access to hosts for vulnerability and compliance scans enabling improved scan accuracy and performance.

The integration combines CyberArk’s Application Identity Manager with Tenable’s vulnerability management and continuous network monitoring solutions to enable organizations to perform credentialed scans of hosts and reduce complexity and exposure by centrally managing and storing privileged account access.

Privileged Acess to target hosts

Key Challenges

Conducting credentialed network vulnerability assessments requires privileged access to target hosts. However, maintaining privileged accounts across throughout the organization poses the following challenges:

  • Individually managing and updating privileged access across all hosts can be difficult and time-consuming
  • Privileged access needs to securely managed to avoid abuse
  • Deploying agents locally on hosts is not always possible
  • Accounting of organizational credentials is required to meet regulatory compliance
CyberArk configuration

Solution Overview

Many organizations implement password vaults to ensure that privileged accounts are regularly updated and consistent across the organization.

Integrating CyberArk Application Identity Manager with Tenable solutions allows a customer to retrieve privileged credentials from the CyberArk Secure Digital Vault for use in security and compliance scans.

This centralizes and automates the process of managing and updating privileged access to hosts. By integrating with CyberArk, customers can easily perform credentialed scans across their environment to identify vulnerabilities, misconfigurations, and non-compliance.

CyberArk integration diagram

How It Works

  • Configure the scan policy on Tenable solutions to query CyberArk for privileged access to target host
  • Tenable then requests privileged account access from CyberArk to scan target host
  • CyberArk provides privileged scan credential for security scan
  • Tenable solution uses the provided credential to log into the target machine and read configuration data to identify vulnerabilities and misconfigurations

Integration Benefits

The integration between CyberArk Application Identity Manager and Tenable allows customers to:

  • Leverage existing CyberArk Application Identity Manager to support credentialed scans without the need to store credentials within Tenable solutions
  • Simplify security scanning by centrally managing and storing privileged credentials within CyberArk Secure Digital Vault
  • Reduce the attack surface, as customers no longer need to individually manage privileged scanning accounts across all of their assets
  • Ensure full accountability and traceability of all privileged account activity and avoiding privileged account abuse
  • Enable faster and more accurate vulnerability scans with deeper analysis

Try Tenable.io

Get a 60-day trial for cloud-based vulnerability management

Try Now

Demo SecurityCenter Continuous View

See what SecurityCenter Continuous View can do for your organization

Schedule a Demo

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.