Tenable.sc MCP Server
ContributedProduction MCP bridge to Tenable Security Center with intelligent tools for vulnerability management and asset discovery
Compatible Clients
Integrations
Tools (15)
- tsc_catalog
Browse 100+ available Tenable.sc resources
- tsc_current_user
Verify API user identity and permissions
- tsc_resource_action
Unified CRUD interface (list, get, create, update, delete)
- tsc_request
Direct access to any Tenable.sc endpoint
- tsc_analyze
Run analysis queries with caching
- tsc_download
Binary/text download helper
- tsc_upload_file
Multipart file upload helper
- tsc_cache_stats
View cache performance metrics
- tsc_cache_clear
Clear cache entries by pattern
- tsc_profile_ip_efficient
Complete security profile for single IP
- tsc_list_vulns_by_ip_summary
Quick vulnerability counts by severity
- tsc_list_vulns_by_ip_full
Complete vulnerability records with metadata
- tsc_list_ips
List all IPs with filtering
- tsc_list_vulns_by_cve
Search for CVE across infrastructure
- tsc_resource_docs
Returns docs metadata for Tenable.sc resource
Resources (3)
- tenable-sc://catalog
Human-readable API catalog
- tenable-sc://filters/format-reference
Comprehensive filter format guide
- tenable-sc://filters/reference
Auto-generated filter reference
Tags
The Tenable.sc MCP Server provides AI assistants with direct access to Tenable Security Center’s comprehensive vulnerability management platform. It exposes 100+ Tenable.sc API resources through a production-ready Model Context Protocol interface.
What it does
This MCP server enables AI-powered security workflows by providing:
- Comprehensive vulnerability queries - Search CVEs across your infrastructure, list vulnerabilities by IP/severity, and get detailed remediation guidance
- Asset profiling and discovery - Profile individual IPs with complete security context, discover assets by criticality, and map asset group membership
- Intelligent caching - Built-in Redis/in-memory caching reduces API load and enables 1000x faster repeated queries
- Generic resource access - Direct CRUD operations on all Tenable.sc resources (scans, policies, credentials, users, reports)
- Analysis engine - Run complex analysis queries with 55+ filters (VPR score, asset criticality, exploit availability, CVSS)
How it works
The server acts as a stateless proxy between MCP clients and Tenable.sc’s REST API. It authenticates using your Tenable.sc API keys and enforces all RBAC permissions from your Security Center instance. The architecture includes:
- Multi-tier caching (in-memory + Redis) with smart TTLs based on data volatility
- 15 core MCP tools including convenience tools for common security workflows
- 3 self-documenting resources with filter format references for complex queries
- Docker Compose deployment with Redis included for production use
- Support for both stdio (Claude Desktop) and HTTP (remote clients) transports
Built with Python 3.11+ and the official MCP SDK.