Recently Viewed Topics
About Asset Management
Tenable.io includes the ability to track assets that belong to your organization. Assets are entities of value on a network that can be exploited. This includes laptops, desktops, servers, routers, mobile phones, virtual machines, software containers, and cloud instances. By providing comprehensive information about the assets that belong to your organization, Tenable.io helps to eliminate potential security risks, identify under-utilized resources, and support compliance efforts.
Note: If you are new to asset management with Tenable.io, review the workflow.
Tenable.io automatically creates or updates assets when a scan completes or scan results are imported. Tenable.io attempts to match incoming scan data to existing assets using a complex algorithm. This algorithm looks at attributes of the scanned hosts and employs a variety of heuristics to choose the best possible match. If Tenable.io cannot find a match, the system assumes this is the first time Tenable.io has encountered the asset and creates a new record for it. Otherwise, if Tenable.io finds a matching asset, the system updates any properties that have changed since the last time Tenable.io encountered the asset.
In addition to vulnerability information, Tenable.io also attempts to gather various other information about the asset, including:
- Interfaces (IP address and MAC address).
- DNS Names.
- NetBIOS Name.
- Operating System.
- Installed Software.
- UUIDS (Tenable, ePO, BIOS).
- Whether an agent is present.
When you access the Assets workbench, a table of assets appears. This documentation refers to that table as the assets table. When you view an asset on the assets table, or directly via the Assets workbench, you can view the Tenable agents that observed the asset, the date it was discovered, and the date it was last observed. You can also view additional information about the asset.
When you view an asset, the Vulnerabilities section appears, displaying a table of vulnerabilities. The Vulnerabilities section is identical to the information you can view using the Vulnerabilities workbench, but filtered to vulnerabilities detected on the selected asset.