TOC & Recently Viewed

Recently Viewed Topics

Create a Scan

Required User Role: Standard, Scan Manager, or Administrator

To create a scan:

  1. In the top navigation bar, click the Scans button.

    The My Scans page appears.

  2. In the upper-right corner, click New Scan.

    The Scan Templates page appears.

  3. Click the Web Application tab.

    The Web Application templates appear.

  4. Select one of the following template types based on the scan you want to run:

    • Web App Overview — Run a high-level preliminary scan that determines which URLs in your web application that Tenable.io Web Application Scanning scans by default.

      Note: Tenable recommends that you run a Web Application Overview scan the first time you scan a web application. Based on the results, when you run a full Web App Scan, you can use the default settings or configure the template options to exclude certain URLs.

    • Web App Scan — Run a scan on your web application for vulnerabilities.
    • Legacy Web App Scan — Use a Nessus scanner to run a scan on your web application for vulnerabilities.

      Note: Unlike the Tenable.io Web Application Scanning scanner, the Nessus scanner does not use a browser to scan your web applications. Therefore, a Legacy Web App Scan is not as comprehensive as a Web App Scan.

    • PCI WAS Scan — Run a scan for PCI compliance.
  5. In the Name box, type a name for the scan.
  6. In the Targets box, type the type the IP address or range of IP addresses, hostname, or fully-qualified domain name (FQDN) for the target you want to scan.

  7. (Optional) To select a scanner other that the default scanner, in the Scanner drop-down box, select a new scanner. For more information, see Cloud Scanners.
  8. (Optional) To modify your scan settings, configure the options in the scan template.
  9. Depending on when you want to launch your scan, do one of the following:

    Note: If you schedule an excessive number of scans to run concurrently, you may exhaust the scanning capacity on Tenable.io Web Application Scanning. If necessary, Tenable.io staggers concurrent scans to ensure consistent scanning performance.

    • If you want to launch the scan later, click Save.

      Tenable.io Web Application Scanning saves your scan.

    • If you want to launch the scan immediately:

      1. Click the Save drop-down button.
      2. Click Launch.

        Tenable.io Web Application Scanning queues the scan to launch.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable, Tenable.io, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.. Tenable.sc, Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.