Scan Results

You can view scan results to help you understand your organization’s security posture and vulnerabilities. Color-coded indicators and customizable viewing options allow you to customize how you view your scan’s data.

You can view scan results in one of several views:

Page	Description
Compliance	If the scan includes compliance checks, this list shows counts and details sorted by vulnerability severity. If you configure the scan for compliance scanning, the button allows you to navigate between the Compliance and Vulnerability results.
Dashboard	In Tenable Nessus Manager, the default scan results page shows the Dashboard view.
History	The History shows a listing of scans: Start Time, End Time, and the Scan Statuses. Notes: Only the scan owner can delete a scan's history. Scan histories are unavailable for imported scans and configured scans that Tenable Nessus has not executed.
Hosts	The Hosts page shows all scanned targets.
Notes	The Notes page shows additional information about the scan and the scan’s results.
Records (Attack Surface Discovery scan template only)	View a list of the DNS records identified during the last attack surface discovery scan. The list only shows a maximum of 2,500 records across all scanned domains, but you can filter the table and only view certain record types or records from a specific domain. Tenable Nessus provides the following information for each record: Hostname — The record's hostname. IP Address — The IP address related to the record. Ports — The discovered open ports on the scanned IP, if applicable. Type — The DNS record type. Some of the most common record types are: A — Host address AAAA — IPv6 host address CNAME — Canonical name for an alias MX — Mail exchange NS — Name server PTR — Pointer SOA — Start of authority SRV — Location of service TXT — Text Target Hostname — The hostname targeted by the DNS record. This is often the same as the Hostname. The Records page also shows details about the latest attack surface discovery scan: Policy — The scan policy used for the scan (Domain Discovery). Status — The current scan status. Severity Base — The severity base used in the scan (for example, CVSS v3.0). Scanner — The scanner used for the scan. Start — The scan start time and date. End — The scan end time and date. Elapsed — The time elapsed between the Start and End times.
Remediations	If the scan's results include Remediation information, this list shows suggested remediations that address the highest number of vulnerabilities.
Scan Summary	View a summary of any completed scan in Tenable Nessus Professional, Nessus Expert, or any non-Tenable Nessus Agent scan in Tenable Nessus Manager.
Summary (Attack Surface Discovery scan template only)	View a summary of your attack surface discovery scan configuration. The summary table shows a row for each scanned domain with the following details: Domain — The scanned domain name. First Complete Pull — The date and time the scanned domain data was, or will be, available. Data Refreshed — The date and time that Bit Discovery last updated the domain data that Tenable Nessus pulls. Bit Discovery refreshes the data that Tenable Nessus pulls every 90 days. Next Data Refresh — The date and time of the next refresh of this domain's data in Bit Discovery. Bit Discovery refreshes the data that Tenable Nessus pulls every 90 days. Ages Out from License — The data and time the domain ages out from your Tenable Nessus license. Record Count — The number of subdomain records generated
Vulnerabilities	List of identified vulnerabilities, sorted by severity. Tip: To view vulnerabilities by VPR, click in the table header, click Disable Groups, and sort the table by VPR Score.