Skip to main content
MCP Servers / Tenable.sc MCP Server

Tenable.sc MCP Server

Contributed

Production MCP bridge to Tenable Security Center with intelligent tools for vulnerability management and asset discovery

Author Ahmad Jaber (ABMJ)
Transport both
Runtime python
Auth None required
License GPL-3.0-only
Added Jun 19, 2026
View on GitHub →

Compatible Clients

Claude DesktopClaude Code

Integrations

Tenable

Tools (15)

  1. tsc_catalog

    Browse 100+ available Tenable.sc resources

  2. tsc_current_user

    Verify API user identity and permissions

  3. tsc_resource_action

    Unified CRUD interface (list, get, create, update, delete)

  4. tsc_request

    Direct access to any Tenable.sc endpoint

  5. tsc_analyze

    Run analysis queries with caching

  6. tsc_download

    Binary/text download helper

  7. tsc_upload_file

    Multipart file upload helper

  8. tsc_cache_stats

    View cache performance metrics

  9. tsc_cache_clear

    Clear cache entries by pattern

  10. tsc_profile_ip_efficient

    Complete security profile for single IP

  11. tsc_list_vulns_by_ip_summary

    Quick vulnerability counts by severity

  12. tsc_list_vulns_by_ip_full

    Complete vulnerability records with metadata

  13. tsc_list_ips

    List all IPs with filtering

  14. tsc_list_vulns_by_cve

    Search for CVE across infrastructure

  15. tsc_resource_docs

    Returns docs metadata for Tenable.sc resource

Resources (3)

  1. tenable-sc://catalog

    Human-readable API catalog

  2. tenable-sc://filters/format-reference

    Comprehensive filter format guide

  3. tenable-sc://filters/reference

    Auto-generated filter reference

Tags

securityvulnerability-managementtenablesecurity-centervulnerability-scanningt.sct.sc+tenable-security-center-plus-mcp

The Tenable.sc MCP Server provides AI assistants with direct access to Tenable Security Center’s comprehensive vulnerability management platform. It exposes 100+ Tenable.sc API resources through a production-ready Model Context Protocol interface.

What it does

This MCP server enables AI-powered security workflows by providing:

  • Comprehensive vulnerability queries - Search CVEs across your infrastructure, list vulnerabilities by IP/severity, and get detailed remediation guidance
  • Asset profiling and discovery - Profile individual IPs with complete security context, discover assets by criticality, and map asset group membership
  • Intelligent caching - Built-in Redis/in-memory caching reduces API load and enables 1000x faster repeated queries
  • Generic resource access - Direct CRUD operations on all Tenable.sc resources (scans, policies, credentials, users, reports)
  • Analysis engine - Run complex analysis queries with 55+ filters (VPR score, asset criticality, exploit availability, CVSS)

How it works

The server acts as a stateless proxy between MCP clients and Tenable.sc’s REST API. It authenticates using your Tenable.sc API keys and enforces all RBAC permissions from your Security Center instance. The architecture includes:

  • Multi-tier caching (in-memory + Redis) with smart TTLs based on data volatility
  • 15 core MCP tools including convenience tools for common security workflows
  • 3 self-documenting resources with filter format references for complex queries
  • Docker Compose deployment with Redis included for production use
  • Support for both stdio (Claude Desktop) and HTTP (remote clients) transports

Built with Python 3.11+ and the official MCP SDK.