Findings

A finding is a single instance of a weakness (vulnerability or misconfiguration) appearing on an asset, identified uniquely by plugin ID, port, and protocol. The Findings tab on the Inventory page highlights findings on your assets and provides useful insights into those findings, including descriptions, assets affected, criticality, and more. By providing comprehensive information about your findings, Tenable Exposure Management helps to identify potential security risks, visibility on under-utilized resources, and support compliance efforts.

To access the Findings tab:

  1. Do one of the following:

    • In the left navigation menu, click Inventory > Findings.

    • At the top of the Inventory page, click the Findings tab.

    The Findings tab appears.

In the Findings tab, you can:

  • View the total number of findings on assets within your container.

  • View the total number of new findings discovered within the last 7 days.

  • View the total number of new findings with a Vulnerability Priority Rating (VPR) greater than 7.

  • Use the Search box to search for a specific finding in the list.

    1. Click the button.

      The Add filter button appears.

    2. Click Add filter .

      A menu appears.

    3. Do one of the following:

      • To search the findings list by tag, click Tags.

      • To search the findings list by property, click Properties.

    4. In the search box, type the criteria by which you want to search the list.

      Tenable Exposure Management populates a list of options based on your criteria.

    5. Click the tag or property by which you want to filter the findings list.

      A menu appears.

    6. Select how to apply the filter. For example, if you want to search for finding related to Windows, then select the contains radio button and in the text box, type Windows.

    7. Click Add filter .

      The filter appears above the asset list.

    8. Repeat these steps for each additional filter you want to apply.

    9. Click Apply filters.

      Tenable Exposure Management filters the list by the designated criteria.

  • To reduce noise within your findings list, you can group your findings by their associated weakness.

    Tip: For more information, see Weaknesses.

    1. Above the list, click Group by .

      A menu appears.

    2. Click Weaknesses.

      Tenable Exposure Management groups your findings by their associated weakness. Click the button for any weakness group to view the full list of findings within that group.

    1. (Optional) To export only specific table rows, in the table, select the check box next to the rows you want to export.

    2. Click the button.

      The Export window appears.

    3. Do one of the following:

      • To export the entire table, select the Entire Table radio button.

        Note: When you export the entire table, Tenable Exposure Management only includes the first 50 columns. To view asset data for a larger number of assets, use the Search Assets API call.

      • To export the current page, select the Current Page radio button.

      • To export the selected rows, select the Selected Rows radio button.

    4. In the File Name text box, type a file name to give the exported file.

    5. In the Formats section, select the format in which you want to export the data.

    6. In the Columns section, select the check box for each column you want to include in the export file.

    7. Click Export.

      Tenable Exposure Management downloads the export file to your computer. Depending on your browser settings, your browser may notify you that the download is complete.

    1. Click Columns .

      The Customize columns window appears.

    2. (Optional) In the Reorder added columns section, click and drag any column name to reorder the columns.

    3. (Optional) In the Show/Hide section, select/delesect the checkboxes to show or hide columns in the table.

    4. (Optional) In the Remove section, click the button to permanently remove a column from the table.

    5. (Optional) To add columns to the table, click Add Columns.

      The Add columns to table window appears.

      1. (Optional) Use the search bar to search for a column property.

        The list of column properties updates based on your search query.

      2. Select the checkbox next to any column or columns you want to add to the table.

      3. Click Add.

        The column appears in the Customize columns window.

    6. (Optional) Click Reset to Defaults to reset all columns to their defaults.

    7. Click Apply Columns.

      Tenable Exposure Management saves your changes to the columns in the table.

  • View a list of your findings, including the following information:

    • Finding Name — The name of the finding.

    • Asset Name — The name of the asset on which the finding exists.

    • Severity Level — The severity of the finding, for example, Critical.

      Note: At this time, Tenable Exposure Management does not include information for Info level severity findings.

    • State — The state of the finding, for example ACTIVE or FIXED.

    • Solution — A brief description of how you can remediate the finding.

    • VPR Score (Beta) — The vulnerability's vulnerability priority rating using VPR (Beta) scoring.

      Tip: For more information, see the Scoring Explained Quick Reference Guide.

    • Sources — The application the finding's asset originated from, for example, Tenable Vulnerability Management.

    • Click See details to view more details about a finding. For more information, see Finding Details.