Admin
Scanner connections & scan history import
Once you've picked which scanner engine(s) feed ThreatWeaver on the Data sources & connectivity page, this is where you connect each engine, keep its data flowing, and bring in scans that ran before you connected it. Three screens work together: API Configuration (credentials), API Sync (schedules and manual runs), and Scan History Import (historical backfill). All three are available to an administrator with API access.
What it's for
- Connect a scanner engine — enter its API credentials so ThreatWeaver can pull assets and vulnerabilities from it.
- Control how fresh your data is — set an automatic sync schedule, trigger a sync manually, and recalculate dashboard statistics on demand.
- Bring in scan history — import findings from scans that already ran on your scanner before you connected it to ThreatWeaver, instead of waiting for new scans.
The screens in it
Each of the three screens shows the same row of engine tabs — Tenable.io, Qualys VMDR, Rapid7 InsightVM, and WeaverScan (Built-in) — so you configure, sync, and import history one engine at a time.
Tenable.io is the engine with a complete, working pipeline today: credentials, scheduled and manual sync, and scan history import all function end to end. Qualys VMDR and Rapid7 InsightVM currently support entering credentials and testing the connection; their full sync pipelines and scan history import are still arriving. WeaverScan is ThreatWeaver's built-in native scanner and needs no external credentials at all — see Scanners for how it's managed.
API Configuration
Enter and test the credentials each scanner engine needs to talk to ThreatWeaver.
Tenable.io
| Control | What it does |
|---|---|
| Data Mode | A Live / Sandbox switch. Sandbox shows mock data so you can explore the product before connecting a real scanner; Live uses your saved credentials. |
| Access Key / Secret Key | Paste your API key values here. Once saved, they're shown masked — enter new values only when you want to rotate them. |
| Test Connection | Checks the keys you've typed against Tenable.io before you save them. |
| Save Keys | Encrypts and stores the credentials. The card shows Configured, plus who last updated the keys and when. |
A short audit history under the keys shows recent changes to this engine's configuration.
Qualys VMDR & Rapid7 InsightVM
Both engines have a credentials form — API URL plus Username/Password for Qualys, API URL plus API Key for Rapid7 — and a working Test Connection button so you can confirm ThreatWeaver can reach your instance. Saving credentials for ongoing sync is not yet available for these two engines; that arrives with their full sync pipelines in a later release.
WeaverScan (Built-in)
WeaverScan ships with ThreatWeaver and needs no external credentials — agents enroll and submit results directly. Manage WeaverScan agents from Scanners.
API Sync
Keep a connected engine's data current, on a schedule or on demand.
Automatic sync schedule
Choose how often ThreatWeaver checks the engine for new data — every 1, 2, 4, 6, 8, 12, or 24 hours. The card shows exactly when the next sync will run. Changing the interval restarts the schedule immediately.
Sync status & manual sync
| Control | What it does |
|---|---|
| Sync scope | How much history a manual sync should cover — a recommended smart window, the last 90 days, the last year, a custom date, or your full history. |
| Full Sync | Pulls both assets and vulnerabilities right away. |
| Sync Assets Only / Sync Vulnerabilities Only | Runs a narrower sync when that's all you need. |
| Stop Sync | Appears while a sync is running, so you can cancel it. |
The card also shows current status (idle or running), a time estimate, and — if a previous sync was interrupted — a recovery banner with next steps.
Recalculate Stats
If dashboard numbers look out of date after a sync, Recalculate Stats rebuilds the snapshots your dashboards and trends read from, for a date range you choose (with an option to force a full rebuild). A progress bar tracks the rebuild, and a health readout shows whether recent data is fully repaired or still needs attention.
Scan History Import
Bring in scans that already ran on your scanner before you connected it — useful when you don't want to wait for new scans to build up history.
Today this works end to end for Tenable.io. Qualys and Rapid7 history import is on the roadmap and isn't wired up yet.
Step 1 — Discover available scans
Click Fetch Scans to list the scans your Tenable.io account can see, each with its name, type, and last-run date. Select the ones you want (or Select All), and expand History on any scan to preview its individual scan runs before importing.
Step 2 — Configure the import
| Control | What it does |
|---|---|
| Start Date / End Date | Optional — narrows the import to scan runs in that window. Leave blank to import everything available. |
| Dry Run | Preview what would be imported without writing any data. |
| Start Import / Preview Import | Kicks off the job (the button label changes based on Dry Run). |
Step 3 — Watch the import run
A progress bar tracks runs processed against the total, with live counts of findings, processed, failed, and skipped runs. You can Cancel a running import, and Retry Failed Runs if some runs didn't complete.
Step 4 — Review import history
Every import job — past and present — is listed with its status and totals. Expand a job to see per-run detail, and retry any failed runs from there too.
Common workflows
Workflow: connecting a new scanner engine
-
On API Configuration, select the engine's tab (for example Tenable.io).
-
Paste your API key (or username/API key, depending on the engine) into the credential fields.
Step 1 — entering an engine's API credentials -
Click Test Connection to confirm ThreatWeaver can reach it.
-
For Tenable.io, click Save Keys to store the credentials — the card updates to Configured. Then activate the engine on Data sources & connectivity so it starts feeding your Vulnerability Management views.
Workflow: syncing now and recalculating stats
-
On API Sync, choose a sync scope that fits what you need (a quick check uses the smart window; a first-time connection may need the full history).
-
Click Full Sync and watch the status card until it returns to Idle.
Step 1 — a sync in progress on the API Sync page -
If dashboard numbers still look stale afterward, pick a date range and run Recalculate Stats to rebuild the snapshots your dashboards read from.
Workflow: importing historical Tenable.io scans
-
On Scan History Import, click Fetch Scans and select the scans you want to bring in.
-
Optionally set a Start Date / End Date, and turn on Dry Run to preview the result first.
Step 1 — selecting scans and previewing with Dry Run -
Click Start Import (or Preview Import for a dry run) and watch Import Progress. If any runs fail, use Retry Failed Runs.
-
Check Import History any time afterward to confirm what was imported.
Related pages
Data sources & connectivity
Choose which connected engine(s) actively feed your exposure views.
Scanners
Run scans and manage WeaverScan, ThreatWeaver's built-in scanner.
Vulnerabilities
See how synced and imported scan data shows up as findings.
Frequently asked questions
Common questions about connecting data sources.