Preconfigured Assessment Scan Settings

Certain Tenable-provided scanner templates include preconfigured assessment settings, described in the following table. The preconfigured assessment settings are determined by both the template and the Scan Type that you select.

Template Scan Type Preconfigured Settings
Discovery
Host Discovery
Vulnerabilities
Basic Network Scan Default (default)
  • General Settings:
    • Avoid false alarms
    • Disable CGI scanning
  • Web Applications:
    • Disable web application scanning

Scan for known web vulnerabilities

  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Generic web application tests disabled
Scan for all web vulnerabilities (quick)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 5 minutes (max)
Scan for all web vulnerabilities (complex)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
    • Perform thorough tests
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 10 minutes (max)
    • Try all HTTP methods
    • Attempt HTTP Parameter Pollution
Custom

All defaults

Advanced Scan
Advanced Dynamic Scan
Malware Scan Malware Settings defaults
Mobile Device Scan
Web Application Tests

Scan for known web vulnerabilities

  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Generic web application tests disabled
Scan for all web vulnerabilities (quick) (Default)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 5 minutes (max)
Scan for all web vulnerabilities (complex)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
    • Perform thorough tests
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 10 minutes (max)
    • Try all HTTP methods
    • Attempt HTTP Parameter Pollution
Custom

All defaults

Credentialed Patch Audit Brute Force, Windows, and Malware defaults
Badlock Detection
Bash Shellshock Detection   Web Crawler defaults
DROWN Detection
Intel AMT Security Bypass
Log4Shell Default

  • General Settings

    • Avoid potential false alarms

    • Disable CGI scanning

  • Web Applications

    • Disable web application scanning
Log4Shell Remote Checks Default

  • General Settings

    • Avoid potential false alarms

    • Disable CGI scanning

  • Web Applications

    • Disable web application scanning
Log4Shell Vulnerability Ecosystem Default

  • General Settings

    • Avoid potential false alarms

    • Disable CGI scanning

  • Web Applications

    • Disable web application scanning
Shadow Brokers Scan
Spectre and Meltdown
WannaCry Ransomware
Compliance
Audit Cloud Infrastructure
Internal PCI Network Scan Default
  • General Settings:
    • Avoid false alarms
    • Disable CGI scanning
  • Web Applications:
    • Disable web application scanning

Scan for known web vulnerabilities

  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Generic web application tests disabled
Scan for all web vulnerabilities (quick)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 5 minutes (max)
Scan for all web vulnerabilities (complex)
  • General Settings:
    • Avoid potential false alarms
    • Enable CGI scanning
    • Perform thorough tests
  • Web Applications:
    • Start crawling from "/"
    • Crawl 1000 pages (max)
    • Traverse 6 directories (max)
    • Test for known vulnerabilities in commonly used web applications
    • Perform each generic web app test for 10 minutes (max)
    • Try all HTTP methods
    • Attempt HTTP Parameter Pollution
Custom

All defaults

MDM Config Audit
Offline Config Audit
PCI Quarterly External Scan
Policy Compliance Auditing
SCAP and OVAL Auditing