Welcome to AWS for Tenable Vulnerability Management

Last Updated: February 28, 2024

This document describes how to deploy Tenable Vulnerability Management® for integration with Amazon Web Services.

With more than one million users, Tenable Nessus® is the world’s most widely deployed vulnerability, configuration, and compliance assessment product. Tenable Nessus prevents attacks by identifying the vulnerabilities, configuration issues, and malware that hackers could use to penetrate your network. It is as important to run these assessments in AWS as it is in any other IT environment. Amazon recommends that all new and existing AWS customers scan their AWS instances while in development and operations and before publishing to AWS users.

A pre-authorized Tenable Nessus scanner is available in the Amazon Marketplace. The Tenable Nessus scanner links to and is managed by Tenable Vulnerability Management, and allows pre-authorized scanning of AWS EC2 environments and instances. The AWS Connector provides real-time visibility and inventory of EC2 assets in AWS by querying the AWS API. Customers interested in leveraging the pre-authorized Tenable Nessus scanner to secure their AWS environments and instances must have active Tenable Vulnerability Management and Amazon Web Services accounts.

To configure an AWS connector with Frictionless Assessment, see Frictionless Assessment for AWS in the Tenable Vulnerability Management User Guide.

To configure an AWS connector without Frictionless Assessment, see AWS Cloud Connector (without Frictionless Assessment) in the Tenable Vulnerability Management User Guide.

Note: To manage existing AWS connectors, see Manage Connectors in the Tenable Vulnerability Management User Guide.

Tip: For common connector errors, see Connectors in the Tenable Developer Portal.