Web App Scans

Required Additional License: Tenable Web App Scanning for Tenable Security Center

Web application scanning in Tenable Security Center allows you to scan and address web application vulnerabilities that traditional scanners cannot accurately assess.

Web app scans in Tenable Security Center are configured using Tenable Core + Tenable Web App Scanning or Tenable Web App Scanning in a Docker deployment routed through Sensor Proxy. For more information about Tenable Core + Tenable Web App Scanning, see Welcome to Tenable Core + Tenable Web App Scanning. For more information about using Tenable Web App Scanning as a Docker image, see Deploy Tenable Web App Scanning as a Docker Image.

For more information about web app scans in Tenable Security Center, see Manage Web App Scans and Web App Scan Settings.

For more information about your Tenable Web App Scanning for Tenable Security Center license, see License Requirements.

To fully configure web app scans with Tenable Security Center using Tenable Core or a Docker image:

Note: Tenable Security Center allows four concurrent web app scans per configured Tenable Core + Tenable Web App Scanning or Docker image at a time.

  1. Apply the Tenable Web App Scanning for Tenable Security Center license, as described in Update an Existing License.

  2. Ensure the Tenable Web App Scanning plugins are updated, as described in Plugin/Feed Settings. The plugins automatically update when the license is updated.

  3. Add a Sensor Proxy to Tenable Security Center if there is not one added or if a new one is required due to network architecture.

  4. Add a Tenable Core + Tenable Web App Scanning instance or Tenable Web App Scanning as a Docker image to your environment.

  5. Add a Web Application Scanner to your Sensor Proxy.

  6. Add a scan zone in Tenable Security Center, as described in Add a Scan Zone.

  7. Add a universal repository for the scan data in Tenable Security Center, as described in Add a Repository.

  8. Configure your Tenable Web App Scanning credentials, as described in Add Credentials.

  9. Create a Web App Scanning scan policy, as described in Add a Scan Policy.

  10. Add a web app scan in Tenable Security Center, as described in Add a Web App Scan.

To fully configure web app scans using a Tenable Nessus scanner:

Note: You can use a Tenable Nessus scanner to perform web app scans; however, this will be deprecated in a future release. For more information about Tenable Nessus scanners, see Tenable Nessus Scanners.

Note: Tenable Security Center allows only one concurrent web app scan per configured Tenable Nessus scanner at a time.

  1. Apply the Tenable Web App Scanning for Tenable Security Center license, as described in Update an Existing License.

  2. Ensure the Tenable Web App Scanning plugins are updated, as described in Plugin/Feed Settings. The plugins automatically update when the license is updated.

  3. If you are configuring a Tenable Nessus scanner:

    1. Ensure you are running Docker version 20.0.0 or later on your Tenable Nessus host. Tenable recommends the official Docker builds and install packages.

      Note: If your scanner is configured to connect through a proxy, ensure that you configure the proxy settings directly in Docker.

    2. Ensure you are running Tenable Nessus version 10.6.1 or later.

    3. Ensure your system meets the hardware requirements for Tenable Nessus with Tenable Web App Scanning enabled.

    Note: The following platforms do not support web app scanning in Tenable Nessus:

    • Any host system that does not support official Docker builds.

    • Any host that uses an ARM-based processor (for example, AArch64 Linux distributions and macOS M1 and M2 systems).

    • Tenable Core + Tenable Nessus, or any instance of Tenable Nessus that already runs within a Docker image.

    For more information about Docker support on virtualized hosts, see the Docker documentation.

  4. Enable the Tenable Web App Scanning Capable option for the Tenable Nessus scanner in Tenable Security Center, as described in Tenable Nessus Scanners.

  5. Add a scan zone in Tenable Security Center, as described in Add a Scan Zone.

  6. Add a universal repository for the scan data in Tenable Security Center, as described in Add a Repository.

  7. Configure your Tenable Web App Scanning credentials, as described in Add Credentials.

  8. Create a Web App Scanning scan policy, as described in Add a Scan Policy.

  9. Add a web app scan in Tenable Security Center, as described in Add a Web App Scan.
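
The host prerequisites in step 3 of the Tenable Nessus procedure (Docker 20.0.0 or later, Tenable Nessus 10.6.1 or later, no ARM-based processor, not already inside a Docker image) can be checked from a shell before enabling the option in step 4. This is an added example, not Tenable tooling: the function names and the `--run` argument are hypothetical, the Tenable Nessus version is supplied by the operator, and the `/.dockerenv` test is a heuristic for detecting a container.

```shell
#!/bin/sh
# Added example: preflight for a Tenable Nessus host before enabling web app scanning.
# Thresholds come from the steps above; function names are illustrative.

# version_ge A B: true when dotted version A >= B, compared numerically field by field.
version_ge() {
    a=$(printf '%s' "$1" | sed 's/[^0-9.].*$//')   # drop suffixes such as "-ce"
    awk -v a="$a" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# arch_supported ARCH: false for ARM-based processors (aarch64, arm64, armv7l, ...).
arch_supported() {
    case "$1" in
        aarch64*|arm*) return 1 ;;
        *) return 0 ;;
    esac
}

# preflight DOCKER_VER NESSUS_VER ARCH IN_CONTAINER(yes|no)
# Prints one FAIL line per unmet requirement; returns non-zero if any is unmet.
preflight() {
    rc=0
    version_ge "$1" 20.0.0 || { echo "FAIL: Docker '$1' is older than 20.0.0"; rc=1; }
    version_ge "$2" 10.6.1 || { echo "FAIL: Tenable Nessus '$2' is older than 10.6.1"; rc=1; }
    arch_supported "$3"    || { echo "FAIL: ARM-based processor ($3)"; rc=1; }
    [ "$4" = no ]          || { echo "FAIL: Tenable Nessus already runs inside a container"; rc=1; }
    [ "$rc" -eq 0 ] && echo "PASS: version and platform checks passed"
    return "$rc"
}

# Live run on the scanner host: sh preflight.sh --run <Tenable Nessus version>
if [ "${1:-}" = "--run" ]; then
    docker_ver=$(docker version --format '{{.Server.Version}}' 2>/dev/null || true)
    in_ctr=no; [ -e /.dockerenv ] && in_ctr=yes   # heuristic: file Docker creates in containers
    preflight "$docker_ver" "${2:-}" "$(uname -m)" "$in_ctr"
fi
```

The script does not cover the hardware requirements in step 3.3 or the Docker proxy settings; check those separately.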

What to do next: