Web App Scan Settings

Name

The scan name that is associated with the scan’s results. This can be any name or phrase (for example, SystemA, DMZ Scan, or Daily Scan of the Web Farm).

--

Description

Descriptive information related to the scan.

--

Policy

The policy on which you want to base the scan. You can scroll through the list, or search by entering text in the search box at the top of the list of available policies. For more information, see Scan Policy Templates.

--

Schedule

The frequency you want to run the scan.

• Now specifies that you want Tenable Security Center to launch the scan immediately without saving the configuration for later.

  Note: Scans configured to run Now do not appear on the Active Scans page.

• Once specifies that you want Tenable Security Center to launch the scan at the specified time without saving the configuration for later.

  Note: Scans configured to run Once do not appear on the Active Scans page.

• Daily, Weekly, or Monthly specifies that you want Tenable Security Center to launch the scan at a scheduled interval.

  Note: If you schedule your scan to repeat monthly, Tenable recommends setting a start date no later than the 28th day. If you select a start date that does not exist in some months (e.g., the 29th), Tenable Security Center cannot run the scan on those days.

• On Demand specifies that you want to launch the scan manually at any time.

• Dependent specifies that you want Tenable Security Center to launch the scan every time Tenable Security Center finishes a scheduled run of the dependent scan you select.

On Demand

Scan Zone

Note: If your organization's Distribution Method setting is Locked Zone, you cannot modify this setting. If your organization's Distribution Method setting is Automatic Only, Tenable Security Center automatically chooses one or more scan zones and hides this setting.

Specifies the scan zone you want to use to run the scan. Depending on your organization's Distribution Method setting, you can select one of the following:

• An available zone — use a single scan zone to run the scan.

  Note: If you select a single scan zone, Tenable Security Center ignores the ranges in the scan zone and scans all of the targets you specify in the scan configuration.

• Automatic — allow Tenable Security Center to choose the best scan zone to run the scan.

For more information, see Organizations and Scan Zones.

Import Repository

Specifies the repository where Tenable Security Center imports the scan results. Select a Universal repository to receive IPv4 or IPv6 results appropriate to the scan. For more information about repositories, see Repositories.

Immediately remove vulnerabilities from scanned hosts that do not reply

If a previously responsive host does not reply to a scan, Tenable Security Center removes the host's vulnerabilities from the cumulative database. If the host has vulnerabilities in the mitigated database, they remain in the mitigated database.

• If you enable this option, the system removes the vulnerabilities immediately after the scan completes.
• If you disable this option, the system removes the vulnerabilities according to the interval set in the Number of days to wait before removing dead hosts option.

Max scan duration (hours)

Specifies the maximum number of hours you want a scan to run. If a scan reaches this threshold, the scan stops and Tenable Security Center discards the scan results.

Specifies the maximum number of hours you want a scan to be inactive before it times out.

The value for Inactivity timeout duration must be less than the value for Max scan duration.

URL

The URL target for the scan.

--

Add Report

This option provides a list of reports available to the user to run when the web app scan data import completes. For more information, see Add a Report to a Scan.

--