Identify Your Exposure
On the Vulnerability Intelligence page, you can review all vulnerabilities known to Tenable or only those in crucial categories such as Recently Actively Exploited. Then, you can compare the list of vulnerabilities to findings in your environment. This process has two parts: 1) review known vulnerabilities and, 2) compare them to your findings.
Review Known Vulnerabilities
First, build a list of known vulnerabilities to compare with your own findings.
To review vulnerabilities known to Tenable:
-
In the left navigation, click Vulnerability Intelligence.
The Vulnerability Intelligence Overview page appears.
-
(Optional) Click a hexagon tile to choose a vulnerability category. If you want to search all vulnerabilities, click the default category to deselect it.
In the CVEs tab in the lower half of the page, a table of results appears.
Tip: Under How Does This Affect Me? click Findings or Affected Assets to open those tabs and start reviewing your vulnerabilities. -
(Optional) Use the Query Builder to refine the results, as described in Use the Query Builder.
-
(Optional) In a table row, click the dropdown > to view affected assets for the CVE.
-
(Optional) Click a row in the table.
The Vulnerability Intelligence Profile page for the CVE appears.
Compare Known Vulnerabilities to Your Findings
Once you have built a list of known vulnerabilities, compare them with your findings in the My Findings tab or the My Affected Assets tab as follows.
Click the My Findings tab and do one of the following:
-
Refine your results with the Query Builder.
-
In a row, click the number in the Affected Assets column.
The Assets page appears. It is grouped by Asset and lists findings for that Tenable plugin.
-
Click the dropdown > to display a list of assets with that finding. Then, click an Asset Name.
The Asset Details page appears.
Click the My Affected Assets tab and do one of the following:
-
Refine your results with the Query Builder.
In a row, click the number in the Plugin Count column.
-
The Assets page appears. It is grouped by Plugin and lists findings for that asset.
-
Click the dropdown > to display a list of assets with that finding. Then, click an Asset Name.
A list of plugins that identified findings on that asset appears.