Add a Web App Scan

Required Additional License: Tenable Web App Scanning

Required Tenable Nessus Version: 10.6.1 or later

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

You can create web app scans in Tenable Security Center using Web Application Scanning templates. For more information, see Scan Policy Templates.

For more information, see Web App Scans and Web App Scan Settings.

Before you begin:

• Confirm you understand the complete web app scanning configuration process, as described in Web App Scans.

• Configure a Web App Scanning scan policy, as described in Add a Scan Policy.

To add a web app scan:

1. Log in to Tenable Security Center via the user interface.

2. Click Scans > Web App Scans.

   The Web App Scans page appears.

3. At the top of the table, click Add.

   The Add Web App Scan page appears.

4. Click General.

   1. Type a Name for the scan.

   2. (Optional) Type a Description for the scan.

   3. In the Policy drop-down menu, select the Web App Scanning scan policy.

   4. (Optional) Select a Schedule for the scan.

5. Click Settings.

   1. Select a Scan Zone for the scan.

   2. Select an Import Repository for the scan.

6. Click Targets.

   1. Type a target URL for the scan.

7. Click Credentials.

   1. Click Add Credential.

   2. In the drop-down boxes, select a credential type and a preconfigured credential.

   3. Click the check mark to save your selection.

8. (Optional) Click Post Scan.

   1. If you want to configure automatic report generation, click Add Report. For more information, see Add a Report to a Scan.

9. Click Submit.

   Tenable Security Center saves your configuration.

What to do next:

• View scan results, as described in Scan Results.

• View web app scan vulnerability data, as described in Web App Scanning Analysis.