Description
Description
Create documentation for the Tenable IO integration that now aligns with the CDR guide for data normalization. The integration now support enumeration in the native vulnerability findings workflow and provide out-of-the-box contextualization as Insights within alert and entity flyouts.
The main goal of this documentation is to inform readers that Tenable IO is now supported as part of our third party integrations with native workflow support. For more in-depth guidance, you can always direct users to dedicated Tenable IO documentation which is available separately.
Requirements
- Follow existing documentation structure from AWS Security Hub and Wiz
Acceptance Criteria
- Create new documentation page under Cloud Security → Ingest third-party cloud security data
Version Info
Supported from Tenable IO integration version 4.0.0
Notes
- No integration specific configuration steps required (unlike AWS Security Hub & Wiz)
- We may need to revisit the structure of this documentation later, since tools like Qualys / Tenable IO / Rapid7 don’t fit neatly under just "cloud security" as they support on-prem infra, IT infra etc.. .
Resources
https://docs.elastic.dev/security-solution/cloud-security/cdr/3p-dev-guide
https://github.com/elastic/security-team/issues/9988
elastic/integrations#13636
elastic/integrations#14130
Which documentation set does this change impact?
Elastic On-Prem and Cloud (all)
Feature differences
The feature is identical in all deployments
What release is this request related to?
9.1
Serverless release
Catching up (The week of June 9, 2025)
Collaboration model
The documentation team
Point of contact.
Main contact: @nick-alayil
Stakeholders: @nick-alayil @maxcold @alexreal1314 @kcreddy