Web App Scanning Analysis Tools

Required Additional License: Tenable Web App Scanning

Required Tenable Nessus Version: 10.6.1 or later

On the Web App Scanning page, you can use the drop-down box to select the web app scanning analysis tool you want to view.

Analysis Tool Description

Asset Summary

Summarizes the scores and counts of web app vulnerabilities for all dynamic or static asset lists.

A breakdown of each asset’s specific web app vulnerabilities and counts for each severity level is also included.

You can click a count to view the IP Summary tool, filtered by the asset list you selected.

CCE Summary

Displays a summary of hosts which have Common Configuration Enumeration (CCE) vulnerabilities.

You can click a count to view the Vulnerability Summary tool, filtered by the CCE vulnerability you selected.

Class A Summary

Class B Summary

Class C Summary

Summarizes host information.

The vulnerability score for an address is computed by adding up the number of vulnerabilities at each severity level and multiplying it by the organization’s severity score.

Starting out with a Class A or Class B summary can identify more active network ranges for networks with a large number of active IP addresses.

You can click a Class A or Class B row to view the Class B or Class C tool, filtered by the asset list you selected. You can click a Class C row to view the IP Summary tool, filtered by the asset list you selected.

CVE Summary

Displays web app vulnerabilities grouped by CVE ID, severity, and vulnerability count.

DNS Name Summary

Tenable Security Center includes the ability to summarize information by vulnerable DNS name. The DNS Name Summary displays the matching hostnames, the repository, vulnerability count, and a breakdown of the individual severity counts.

You can click a DNS name to view the Vulnerability List tool, filtered by the DNS name you selected.

IAVM Summary

Displays web app vulnerabilities grouped by IAVM ID, severity, and vulnerability count.

IP Summary

Summarizes host information, organized by IP address/agent ID. You can click the IP Address to view host details, as described in View Host Details.

For more information, see View Vulnerabilities by Host.

List OS

Tenable Security Center understands both actively and passively fingerprinted operating systems. This tool displays a list of discovered operating systems, including the method of discovery (for example, active, passive, or event).

You can click a count to view the IP Summary tool, filtered by operating system.

Plugin Family Summary

Charts the Nessus, Tenable Nessus Network Monitor, or Event plugin family as well as their relative counts based on severity level for all matching vulnerabilities.

You can click a count to view the Vulnerability List tool, filtered by the plugin family you selected.

Port Summary

Summarizes the ports in use for all matched vulnerabilities. Each port displays a count of vulnerabilities and a breakdown for each severity level.

You can click a port to view the IP Summary tool, filtered by the port you selected.

Severity Summary

Displays the total number of info, low, medium, high, and critical vulnerabilities.

You can click a count to view the Vulnerability Summary tool, filtered by the severity you selected.

User Responsibility Summary

Displays a list of the users who are assigned responsibility for the vulnerability based on the user’s assigned asset list. Multiple users with the same responsibility are displayed on the same line. Users without any assigned responsibilities are not displayed in the list. Tenable Security Center populates this list after you assign an asset to a user account.

Vulnerability Summary

Displays a table of all plugins associated with vulnerabilities on your network, organized by plugin ID.

For more information, see View Vulnerabilities by Plugin.

Web App URL Summary

Displays a list of all web apps associated with vulnerabilities on your network, organized by URL.

Web App Vuln Detail List

Displays details for each web app vulnerability. For more information, see View Web App Scanning Vulnerability Details.

Web App Vuln List

Displays a list of all web app vulnerabilities discovered on your network, organized by plugin ID.