Findings

A finding is a single instance of a vulnerability (weakness or misconfiguration) appearing on an asset, identified uniquely by plugin ID, port, and protocol. The Findings tab on the Inventory page highlights findings on your assets and provides useful insights into those findings, including descriptions, assets affected, criticality, and more. By providing comprehensive information about your findings, Tenable Exposure Management helps to identify potential security risks, visibility on under-utilized resources, and support compliance efforts.

To access the Findings tab:

  1. Do one of the following:

    • In the left navigation menu, click Inventory > Findings.

    • At the top of the Inventory page, click the Findings tab.

    The Findings tab appears.

In the Findings tab, you can:

  • View the total number of findings on assets within your container.

  • View the total number of new findings discovered within the last 7 days.

  • View the total number of new findings with a Vulnerability Priority Rating (VPR) greater than 7.

  • Use the Search box to search for a specific finding in the list.

    1. Click the button.

      The Add filter button appears.

    2. Click Add filter .

      A menu appears.

    3. Do one of the following:

      • To search the findings list by tag, click Tags.

      • To search the findings list by property, click Properties.

    4. In the search box, type the criteria by which you want to search the list.

      Tenable Exposure Management populates a list of options based on your criteria.

    5. Click the tag or property by which you want to filter the findings list.

      A menu appears.

    6. Select how to apply the filter. For example, if you want to search for finding related to Windows, then select the contains radio button and in the text box, type Windows.

    7. Click Add filter .

      The filter appears above the asset list.

    8. Repeat these steps for each additional filter you want to apply.

    9. Click Apply filters.

      Tenable Exposure Management filters the list by the designated criteria.

  • :

    1. Click the button.

      The Export table plane appears.

    2. In the File Name text box, type a file name to give the exported file.

    3. In the Columns to export section, select the check box for each column you want to include in the export file.

    4. (Optional) To include columns not currently in the table view, click Add more columns.

      The Add columns to export plane appears.

      1. Select the check box for each additional column you want to include in the export file.

    5. In the rows section, ensure the Current Page radio button is selected.

      Tip: Currently, you can only export the rows listed on the current page.

    6. Click Export.

      Tenable Exposure Management downloads the export file to your computer. Depending on your browser settings, your browser may notify you that the download is complete.

    1. Click Columns .

      The Customize columns window appears.

    2. (Optional) In the Reorder added columns section, click and drag any column name to reorder the columns.

    3. (Optional) In the Show/Hide section, select/delesect the checkboxes to show or hide columns in the table.

    4. (Optional) In the Remove section, click the button to permanently remove a column from the table.

    5. (Optional) To add columns to the table, click Add Columns.

      The Add columns to table window appears.

      1. (Optional) Use the search bar to search for a column property.

        The list of column properties updates based on your search query.

      2. Select the checkbox next to any column or columns you want to add to the table.

      3. Click Add.

        The column appears in the Customize columns window.

    6. (Optional) Click Reset to Defaults to reset all columns to their defaults.

    7. Click Apply Columns.

      Tenable Exposure Management saves your changes to the columns in the table.

  • View a list of your findings, including the following information:

    • Finding Name — The name of the finding.

    • Asset Name — The name of the asset on which the finding exists.

    • Severity Level — The severity of the finding, for example, Critical.

      Note: At this time, Tenable Exposure Management does not include information for Info level severity findings.

    • State — The state of the finding, for example ACTIVE or FIXED.

    • Solution — A brief description of how you can remediate the finding.

    • Sources — The application the finding's asset originated from, for example, Tenable Vulnerability Management.

    • Click See details to view more details about a finding. For more information, see Finding Details.