Configure Vulnerability Scan using Agentless Assessment for Azure

Workload vulnerability scans are triggered as part of the cloud scan process in Tenable Cloud Security. Tenable Cloud Security supports agentless workload scanning for Azure Virtual Machines.

Before you Begin:

To set up Agentless Assessment:

  1. In Tenable Cloud Security, initiate a cloud scan:

    1. On the home page, click Projects & Connections.

      Tenable Cloud Security displays the list of projects in the Projects tab.

    2. In the row for the project that you want to scan, click > Manage cloud scan profiles.

      The Manage scan profiles window appears.

    3. Click New Scan Profile.

      The Create new scan profile for cloud window appears.

      Note: You can also use the default scan profile. Vulnerability scan with agentless assessment is enabled by default for the default scan profile.
    4. In the Scan profile name box, type a name for the scan profile or retain the default name.

    5. In Step 1 Cloud config assessment options, retain the default selections or do one of the following:

      • Select the check box next to the option to select all the options within a category.

      • Click the drop-down arrow to show all the available options in the category. Select the check boxes as needed.

        Note: The count next to the drop-down arrowshows: Number of options available / Number of options selected.

    6. In Step 2, click the Enable Vulnerability Scan (optional) toggle to enable vulnerability scan.
      Note: Tenable Cloud Security scans Azure Virtual Machines for vulnerabilities after it completes the Misconfiguration Scan. These resources are available under the Compute category.
    7. (Optional) Click Preview to view all the selected assessment options.
    8. Click Create Scan Profile.

      Tenable Cloud Security creates the scan profile and the newly created scan profile appears on the Configure cloud scan window.

    9. In the row of the scan profile that you created for a vulnerability scan, click Run Scan.

      Tenable Cloud Security runs the vulnerability scan and you can view the vulnerability scan results on the Tenable Cloud Security Vulnerabilities page and also on the Tenable Vulnerability Management Findings page.