Recently Viewed Topics
Launch a Remediation Scan
12/21/17 - SMJ - This content is in progress. See https://jira.corp.tenablesecurity.com/browse/RDC-1742.
A remediation scan is a type of active scan. It evaluates a specific plugin against a specific target or targets where the related vulnerability was present in an earlier scan.
Remediation scans allow you to validate whether your vulnerability remediation actions on the targets have been successful. If a remediation scan cannot identify a vulnerability on targets where it was previously identified, the system changes the status of the vulnerability instances to mitigated. For more information about the methodology the system uses in remediation scans, see .
- If the selected plugin requires dependent plugins, the system automatically includes those plugins in the remediation scan.
- Remediation scans are intended for use with active scan results. Remediation scans are also available for agent scan results, but keep in mind that a remediation scan launches an active scan against the target, not an agent scan. Remediation scans are not available for passive scan or event scan results.
- Remediation scans only evaluate plugins against the port you specify. Keep this in mind when launching a remediation scan for a plugin that typically targets multiple ports.
- Remediation scans work best for un-credentialed network scan results. Use caution when running a remediation scan for a plugin that requires scan credentials. If you neglect to add scan credentials when required for a specific plugin, or if you mis-enter the credentials, the system may identify the related vulnerabilities as mitigated, not because they are mitigated, but because the system could not complete the credentialed scan.
You can launch a remediation scan directly on the Vulnerability Analysis page, rather than on the Active Scans page.
To launch a remediation scan:
Log in to SecurityCenter as an organizational user with appropriate permissions. For more information, see User Roles.
- Click Analysis > Vulnerabilities.
Launch from either the Vulnerability Summary or the Vulnerability List.
- Select either Vulnerability Summary or Vulnerability List from the drop-down box.
- Click the gear button next to the vulnerability instance that you want to remediate.
- Click Launch Remediation Scan in the menu.
-or-Launch from the Vulnerability Detail List.
- Select Vulnerability Detail List from the drop-down box.
- Click the Launch Remediation Scan button.
Configure the settings for the scan.
A remediation scan inherits certain settings from the vulnerability instance you selected. For example, the Launch Remediation Scan page:
- Automatically populates the relevant plugin information.
- Provides an editable scan name in the format "Remediation Scan of Plugin # number".
- Populates the target IP address based on the asset where the previous scan identified the vulnerability.
Unlike standard active scans:
- You do not need to associate the remediation scan with a scan policy.
- You cannot schedule a remediation scan. The scan launches as soon as you submit it.
For all other scan parameters, configure as described in Active Scans.