TOC & Recently Viewed

Recently Viewed Topics

Launch a Remediation Scan

A remediation scan is a type of active scan run against active scan results. It evaluates a specific plugin against a specific target or targets where the related vulnerability was present in an earlier scan.

Remediation scans allow you to validate whether your vulnerability remediation actions on the targets have been successful. If a remediation scan cannot identify a vulnerability on targets where it was previously identified, the system changes the status of the vulnerability instances to mitigated. For more information, see Cumulative vs. Mitigated Vulnerabilities.

Note:

  • If the selected plugin requires dependent plugins, the system automatically includes those plugins in the remediation scan.
  • You cannot perform remediation scans for agent repository scan results.

  • You cannot perform remediation scans for passive scan results or event scan results.
  • Remediation scans only evaluate plugins against the port you specify. Keep this in mind when launching a remediation scan for a plugin that typically targets multiple ports.
  • Remediation scans work best for un-credentialed network scan results. Use caution when running a remediation scan for a plugin that requires scan credentials. If you neglect to add scan credentials when required for a specific plugin, or if you mis-enter the credentials, the system may identify the related vulnerabilities as mitigated, not because they are mitigated, but because the system could not complete the credentialed scan.

To launch a remediation scan:

  1. Log in to SecurityCenter as an organizational user with appropriate permissions. For more information, see User Roles.

  2. Click Analysis > Vulnerabilities.

    The Vulnerability Analysis page appears.

  3. Click the analysis tools drop-down box and select Vulnerability Detail List, Vulnerability List, or Vulnerability Summary.

    The page refreshes to show the analysis tool view you selected.

  4. In the row for the vulnerability you want to recast, click the gear icon.
  5. Click Launch Remediation Scan.

    The Launch Remediation Scan page appears.

    A remediation scan inherits certain settings from the vulnerability instance you selected. The Launch Remediation Scan page:

    • Automatically populates the relevant plugin information.
    • Provides an editable scan name in the format "Remediation Scan of Plugin # number".
    • Populates the target IP address based on the asset where the previous scan identified the vulnerability.
  6. Configure the settings for the scan, as described in Active Scans.

    Note: You do not need to associate the remediation scan with a scan policy.

    Note: You cannot schedule a remediation scan. The scan launches as soon as you submit it.

  7. Click Submit.

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.