TOC & Recently Viewed

Recently Viewed Topics

About Target Groups

A Target Group allows you to set permissions on which hosts users can scan or view. By default, all users can scan all hosts.

You must grant at least one user the ability to run scans, either by changing the default target permissions or by granting individual users permissions within a target group.

Target Groups page

Target Group Types

System target groups are used to set permissions on which hosts a user can scan or view. By default, all users can scan all hosts. You can restrict this by removing scan permissions on the default target group and creating additional target groups with more granular permissions.

Optionally, you can enable asset isolation to deactivate the default target group and control scanning permissions via individual system target group settings. For more information, see Enable or Disable Asset Isolation.

User User target groups do not grant scan or view permissions. Instead, user target groups provide more granular filtering on the hosts permitted to you in system target groups. You can use these lists when filtering dashboards or configuring scans.

You can use target groups in scans based on the permissions assigned to the target group.

Target Group Settings





A name for the target group.


A comma-separated list of host names or IP address ranges that you want to scan.

Upload Targets

A text file containing a comma-separated list of hostnames or IP address ranges that you want to scan.

The system adds the uploaded targets to the Targets box after you save the target group.


Add users or groups

One or more existing user accounts that you want to grant permissions to scan the target group.

Note: Target group permissions do not increase user role permissions (e.g., basic users cannot run scans). Consider a user's role when assigning them target group permissions.


The default permissions for user accounts not listed in the Add users or groups box: No Access, Can View, or Can Scan.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable,, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.