Vulnerability and Vulnerable Host Workflow

Minimum Required User Role: Administrator

To configure Tenable Security Center:

Status Description Actions
OPEN

When you start the data collection, all vulnerable hosts are fetched in an open state. Status is OPEN.

 You can manually change status to EXCEPTION or RESOLVED, according to your requirement.
RESOLVED When the vulnerable host arrives in a fixed state, its status changes to RESOLVED automatically, and if all vulnerable hosts are resolved the vulnerability is resolved. You can manually change status to REOPENED, according to your requirement.
REOPENED If a fixed vulnerable host is reopened, it is moved to a reopened state. The status is changed to REOPENED. You can manually change status to EXCEPTION or RESOLVE, according to your requirement.
EXCEPTION If you change the status to Exception, the state remains as it is but the status is changed to EXCEPTION. You can manually change status to RESOLVED, according to your requirement.

Note: Tenable recommends that you do not change the status of an issue manually, except for Exception Status, if required.

Assumptions

  • Upgrade Add-on: Once you upgrade the add-on collection starts automatically from the Next Sync Since time stored in the system info page.

  • Disable Add-on: Once you disable the add-on the Tenable scheduler details are removed from the scheduler detail page.

  • Uninstall/Disable Add-on: If you uninstall or disable the add-on, all the configuration details are stored in the System Info page.

  • Permissions:

    1. Selected users in the Tenable Vulnerability Management, Tenable Security Center, and Tenable Web App Scanning configuration page must have created issue, edit issue, resolve issue, and link issue permissions for the project selected in those configuration pages. Update these with the following steps:

      1. Create, Edit, and Link issues

        1. Navigate to Administration > Issues > Permission schemes > Select scheme of selected project.

        2. Confirm that all three permissions are granted.

      2. Read issues

        1. Navigate to Administration > Issues > Issue security schemes > Select scheme of selected project .

        2. Check that the selected user has access to the issue via one of the security levels.

    2. Selected users in the Tenable Vulnerability Management, Tenable Security Center and Tenable Web App Scanning configuration page must have permission to browse the project. To check the permissions:

      1. Navigate to Administration > Issues > Permission schemes and select the scheme of the selected project.

      2. Confirm that the Browse Project permission is granted.