diff --git a/.github/workflows/questions.yml b/.github/workflows/questions.yml
deleted file mode 100644
index 133e71c..0000000
--- a/.github/workflows/questions.yml
+++ /dev/null
@@ -1,40 +0,0 @@
-name: Questions
-on: [pull_request_target]
-
-jobs:
-  validate:
-    runs-on: ubuntu-latest
-
-    steps:
-      - id: setup-node
-        name: Setup Node
-        uses: actions/setup-node@v1
-        with:
-          node-version: 18.x
-
-      - name: Check out `main` branch
-        uses: actions/checkout@v2
-        with:
-          path: source
-
-      - name: Check out target branch questions
-        uses: actions/checkout@v2
-        with:
-          ref: ${{github.event.pull_request.head.ref}}
-          repository: ${{github.event.pull_request.head.repo.full_name}}
-          path: target
-
-      - name: Install dependencies for `main` branch
-        run: yarn install --cwd source
-
-      - name: Validate questions on target branch
-        env:
-          MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID:
-            ${{ secrets.MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID }}
-          MANAGED_QUESTIONS_JUPITERONE_API_KEY:
-            ${{ secrets.MANAGED_QUESTIONS_JUPITERONE_API_KEY }}
-        run:
-          yarn --cwd source j1-integration validate-question-file -a
-          $MANAGED_QUESTIONS_JUPITERONE_ACCOUNT_ID -k
-          $MANAGED_QUESTIONS_JUPITERONE_API_KEY -p
-          ../target/jupiterone/questions/questions.yaml
diff --git a/package.json b/package.json
index c577b17..65ec0eb 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@jupiterone/graph-tenable-io",
-  "version": "9.7.1",
+  "version": "9.8.0",
   "description": "A JupiterOne managed integration for https://www.tenable.com/products/tenable-io",
   "repository": {
     "type": "git",
diff --git a/src/steps/vulnerabilities/converters.ts b/src/steps/vulnerabilities/converters.ts
index cbb3903..00e4429 100644
--- a/src/steps/vulnerabilities/converters.ts
+++ b/src/steps/vulnerabilities/converters.ts
@@ -366,13 +366,14 @@ export function createVulnerabilityEntity(
         // vulnerability prioritization properties
         cvss3BaseScore: vuln.plugin.cvss3_base_score,
         cvss3TemporalScore: vuln.plugin.cvss3_temporal_score,
-
         cvssBaseScore: vuln.plugin.cvss_base_score,
         cvssTemporalScore: vuln.plugin.cvss_temporal_score,
-
         cvss3Vector: vuln.plugin.cvss3_vector?.raw,
         cvssVector: vuln.plugin.cvss_vector?.raw,
         hasPatch: vuln.plugin.has_patch,
+
+        // cross-reference plugin information array: CISA, CVE, IAVA
+        xRefs: vuln.plugin.xrefs?.map((r) => JSON.stringify(r)) ?? [],
       },
     },
   });