Skip to main content
Role AvailabilityRead-OnlyInvestigatorAnalystManager
LevelBlue USM is modernizing its vulnerability scanning capabilities. The legacy jOVAL scanning engine has been replaced with Tenable Vulnerability Scanner technology, delivered through the LevelBlue Vulnerability Scanner BlueApp. This change improves scanning accuracy and coverage while preserving the existing LevelBlue USM user experience. No workflow changes are required for day-to-day scanning operations. Important considerations after enabling the scanner:
  • All assets must be visible to Tenable.
    • Public assets should use the Tenable Cloud Scanner.
    • Private assets require a locally installed Nessus scanner.
  • Review and validate asset credentials before running authenticated scans.
By default, the LevelBlue Vulnerability Scanner is licensed for unlimited endpoints, but there is an API limit of 8192 endpoints per scan. Configure and Enable LevelBlue Vulnerability Scanner
  1. Navigate to Data Sources and open the Available BlueApps tab.
  2. Filter by Scanner, then select LevelBlue Vulnerability Scanner powered by Tenable.
  1. Click Configure API, and then select the region where configuration data will be stored.
  1. Click Save.
Note: Only users with the Manager role can perform this configuration.
During configuration, a Tenable tenant and user account are automatically created. Login credentials for the Tenable portal are sent to the same email address used for LevelBlue USM.
  1. Once the configuration is completed, you will receive an email confirmation.
  1. Log in to the Tenable portal at https://cloud.tenable.com using the temporary credentials provided.
  2. In the Authorize Apps tab of the LevelBlue Vulnerability Scanner page, open Scanner Settings, and then select a default scan template.
Note: Only Manager-role users can configure default scan templates.
  1. Navigate to assets or asset groups and run scans as usual.
  2. Open the Scheduling tab to configure periodic scans.
Before running authenticated scans, verify the following:
  • Assets are visible to Tenable Cloud or have a Nessus scanner installed.
  • Credentials are valid and assigned to the correct assets.
Manage Asset Credentials Existing LevelBlue USM credentials are fully supported. If credentials were previously configured, no reconfiguration is required. You can:
  • Add new credentials
  • Assign credentials to assets
Run an Authenticated Scan
  1. Open the Asset page.
  2. Confirm credentials are assigned.
  3. Click Actions.
  4. Select Authenticated Scan.
Run an Asset Group Authenticated Scan
  1. Open the Asset Group page.
  2. Confirm all assets in the group have credentials assigned.
  3. Click Actions.
  4. Select Authenticated Scan.
Run an Asset Scan Action
  1. From the Actions menu, select Run BlueApp Action.
  1. Choose Run LevelBlue Vulnerability Scanner powered by Tenable.
  1. Select Run Scan.
  1. Click Run.
Run a Scheduled Scan Periodically The user experience does not change. Refer to the following documentation:
https://docs.levelblue.com/documentation/usm-anywhere/user-guide/vulnerability-assessment/credentials. Download a Scan Result File
  1. Open the Asset or Asset Group page.
  2. Select the Scan History tab.
  3. Locate the Scan File column.
  4. Click the scan entry to download the file.
Test Credentials for an Asset The user experience does not change. Refer to the following documentation:
https://docs.levelblue.com/documentation/usm-anywhere/user-guide/vulnerability-assessment/credentials. Review Authenticated Scanner Status in a Sensor
  1. Navigate to Sensors.
  2. Select the sensor to review.
  3. Open the Authenticated Scanner tab.
Install the Nessus Scanner on Assets
  1. Download the Nessus scanner from: https://www.tenable.com/downloads/nessus.
  2. Follow the installation guide: https://docs.tenable.com/nessus/Content/InstallNessus.htm When prompted, select Link to another Tenable product.
  3. Link the scanner to your Tenable portal using these instructions: https://docs.tenable.com/vulnerability-management/Content/Settings/Sensors/LinkaSensor.htm.
Helpful links Limits and Restrictions
  1. Do not configure the LevelBlue Vulnerability Scanner on more than one sensor within the same LevelBlue USM domain. Doing so can cause scan and result errors.
  2. The Tenable license supports unlimited endpoints but API is limited to 8192 endpoints per scan. If scanning more then 8192 endpoints, multiple scans will be required.
Questions and Answers
QuestionsAnswers
Is LevelBlue Vulnerability Scanner replacing the Tenable.io BlueApp?No. Tenable.io BlueApp uses a separate Tenable account and is not fully integrated with LevelBlue USM. Asset group scans, authenticated scans, and other native USMA workflows are only supported through LevelBlue Vulnerability Scanner.
Can LevelBlue Vulnerability Scanner coexist with Tenable.io BlueApp?Yes, but this may result in duplicate security data.
Can I use jOVAL and LevelBlue Vulnerability Scanner at the same time?No. Enabling LevelBlue Vulnerability Scanner disables the jOVAL scanner.
Will existing scheduled scans be preserved?No. All custom scheduled scan jobs must be recreated in the USMA Scheduler. There is no automated migration.
Will existing asset credentials still work?Yes. The credential manager remains unchanged.
Which scan actions are deprecated?Debug scan actions for assets and asset groups.
Can I access scan results in the Tenable portal?Yes, but it is optional. Scan results and vulnerabilities are imported into LevelBlue USM automatically.
How do I log in to the Tenable portal?After initial configuration, you receive an email with the portal link, username, and password. Additional user accounts will need to be provisioned in the tenable portal.
Important: Save your Tenable username. It is required for USMA Technical Support and is tied to your USMA domain.
Which user roles can configure the scanner and settings in LevelBlue USM?Only users with the USMA Manager role.
What data regions are supported?Australia, Brazil, Canada, European Union, India, Japan, Singapore, United Kingdom, and United States.