Web App Scans

Required Additional License: Tenable Web App Scanning for Tenable Security Center

Web application scanning in Tenable Security Center allows you to scan for and address web application vulnerabilities that traditional scanners cannot scan for.

You can use a Tenable Nessus scanner to perform web app scans. For more information about Tenable Nessus scanners, see Tenable Nessus Scanners.

For more information about web app scans in Tenable Security Center, see Manage Web App Scans and Web App Scan Settings.

For more information about your Tenable Web App Scanning for Tenable Security Center license, see License Requirements.

Note: Tenable Security Center allows only one web app scan at a time per configured Tenable Nessus scanner.

To fully configure web app scans using a Tenable Nessus scanner:

  1. Apply the Tenable Web App Scanning for Tenable Security Center license, as described in Update an Existing License.

  2. Ensure the Tenable Web App Scanning plugins are updated, as described in Plugin/Feed Settings. The plugins automatically update when the license is updated.

  3. If you are configuring a Tenable Nessus scanner:

    1. Ensure you are running Docker version 20.0.0 or later on your Tenable Nessus host. Tenable recommends the official Docker builds and install packages.

    2. Ensure you are running Tenable Nessus version 10.6.1 or later.

    3. Ensure your system meets the hardware requirements for Tenable Nessus with Tenable Web App Scanning enabled.

    Note: The following platforms do not support web app scanning in Tenable Nessus:

    • Any host system that does not support official Docker builds.

    • Any host that uses an ARM-based processor (for example, AArch64 Linux distributions and macOS M1 and M2 systems).

    • Tenable Core + Tenable Nessus, or any instance of Tenable Nessus that already runs within a Docker image.

    For more information about Docker support on virtualized hosts, see the Docker documentation.

  4. Enable the Tenable Web App Scanning Capable option for the Tenable Nessus scanner in Tenable Security Center, as described in Tenable Nessus Scanners.

  5. Add a scan zone in Tenable Security Center, as described in Add a Scan Zone.

  6. Add a universal repository for the scan data in Tenable Security Center, as described in Add a Repository.

  7. Configure your Tenable Web App Scanning credentials, as described in Add Credentials.

  8. Create a Web App Scanning scan policy, as described in Add a Scan Policy.

  9. Add a web app scan in Tenable Security Center, as described in Add a Web App Scan.
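
The host prerequisites from step 3 can be checked before the scanner is enabled. The script below is an added example, not Tenable tooling: the function names and the sample hosts are constructed, the observed values are passed in as arguments, and it covers only the Docker and Tenable Nessus minimums, the ARM exclusion and the Nessus-within-Docker exclusion.

```shell
#!/bin/sh
# Added example: preflight for a Nessus host before enabling web app scanning.
MIN_DOCKER=20.0.0   # minimums taken from step 3 above
MIN_NESSUS=10.6.1

# version_ge A B: succeed when dotted version A >= B, comparing the first
# three fields numerically (so 10.10.0 is newer than 10.6.1).
version_ge() {
    v1=$1 v2=$2
    for n in 1 2 3; do
        f1=${v1%%.*} f2=${v2%%.*}
        f1=${f1%%[!0-9]*} f2=${f2%%[!0-9]*}   # drop suffixes such as "-ce"
        [ "${f1:-0}" -gt "${f2:-0}" ] && return 0
        [ "${f1:-0}" -lt "${f2:-0}" ] && return 1
        case $v1 in *.*) v1=${v1#*.} ;; *) v1=0 ;; esac
        case $v2 in *.*) v2=${v2#*.} ;; *) v2=0 ;; esac
    done
    return 0
}

# preflight DOCKER_VER NESSUS_VER ARCH IN_CONTAINER(yes|no)
# Prints one line per unmet requirement; exit status is the number unmet.
preflight() {
    fails=0
    version_ge "$1" "$MIN_DOCKER" ||
        { echo "Docker $1 is older than $MIN_DOCKER"; fails=$((fails + 1)); }
    version_ge "$2" "$MIN_NESSUS" ||
        { echo "Nessus $2 is older than $MIN_NESSUS"; fails=$((fails + 1)); }
    case $3 in
        aarch64*|arm*)
            echo "ARM-based processor ($3) is not supported"; fails=$((fails + 1)) ;;
    esac
    if [ "$4" = yes ]; then
        echo "Nessus already runs within a Docker image"; fails=$((fails + 1))
    fi
    return "$fails"
}

# Constructed sample hosts (not real data). On a real host the first and third
# values come from `docker version --format '{{.Server.Version}}'` and
# `uname -m`; the presence of /.dockerenv is a common heuristic for the fourth.
for host in "24.0.7 10.7.2 x86_64 no" "19.03.15 10.6.1 aarch64 no"; do
    set -- $host
    if out=$(preflight "$@"); then
        echo "PASS: $host"
    else
        echo "FAIL: $host"; echo "$out"
    fi
done
```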

What to do next: