Launch a Remediation Scan

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

You can run a remediation scan as a follow-up active scan against existing active scan results. A remediation scan evaluates a specific plugin against a specific target or targets where the related vulnerability was present in your earlier active scan.

Remediation scans allow you to validate whether your vulnerability remediation actions on the targets have been successful. If a remediation scan cannot identify a vulnerability on targets where it was previously identified, the system changes the status of the vulnerability to mitigated. For more information, see Cumulative vs. Mitigated Vulnerabilities.

Note the following:

  • You can perform remediation scans only for active scan results.

  • You cannot perform remediation scans for agent repository scan results.

  • You cannot perform remediation scans for Tenable OT Security scan results.

  • If the selected plugin requires dependent plugins, the system automatically includes those plugins in the remediation scan.

  • Remediation scans only evaluate plugins against the port you specify. Keep this in mind when launching a remediation scan for a plugin that typically targets multiple ports.

  • See the Understanding Tenable Security Center Mitigations knowledge base article for more information on mitigation logic.

Note: If you are scanning a Linux machine with Tenable Security Center, the Linux machine's shell configuration file must have a PS1 variable of four or more characters (for example, PS1='\u@\h:~\$ '). Having a PS1 variable of fewer than four characters (for example, PS1='\$ ') can drastically increase the overall scan time.
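One way to check the PS1 requirement on a target before launching the scan, as an added example (not Tenable code). It assumes "characters" means the raw value as written in the file, that PS1 is set by a literal assignment, and that you pass the path of the scan account's shell configuration file as an argument; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-scan check for the PS1 length requirement.
# Assumption: "characters" counts the raw value as written in the file.
MIN_PS1_LEN=4

# Print the value of the last PS1 assignment found in file $1.
# Returns 1 if the file has no PS1 assignment.
ps1_value() {
    found=1 last=
    while read -r line || [ -n "$line" ]; do   # read trims outer whitespace
        case $line in
            "export "*) line=${line#export }; line=${line#"${line%%[! ]*}"} ;;
        esac
        case $line in
            PS1=*) val=${line#PS1=} ;;
            *) continue ;;
        esac
        case $val in                            # drop quotes and anything after
            \'*) val=${val#\'}; val=${val%\'*} ;;
            \"*) val=${val#\"}; val=${val%\"*} ;;
        esac
        last=$val found=0
    done < "$1"
    [ "$found" -eq 0 ] && printf '%s\n' "$last"
}

# Exit status: 0 = long enough, 1 = too short, 2 = no PS1 assignment.
ps1_check() {
    val=$(ps1_value "$1") || { echo "$1: no PS1 assignment found"; return 2; }
    if [ "${#val}" -ge "$MIN_PS1_LEN" ]; then
        echo "$1: OK (${#val} characters)"
        return 0
    fi
    echo "$1: PS1 has ${#val} characters, fewer than $MIN_PS1_LEN"
    return 1
}

if [ "$#" -gt 0 ]; then
    for f in "$@"; do ps1_check "$f" || true; done
else
    # Constructed sample: the short prompt from the note above.
    tmp=$(mktemp) && printf '%s\n' "PS1='\\\$ '" > "$tmp"
    ps1_check "$tmp" || true
    rm -f "$tmp"
fi
```

A status of 2 means the file sets no PS1 at all, so the prompt comes from somewhere else (a system-wide file or the shell default) and should be checked there.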

To launch a remediation scan:

  1. Log in to Tenable Security Center via the user interface.

  2. Click Analysis > Vulnerabilities.

    The Vulnerabilities page appears.

  3. In the analysis tools drop-down box, select Vulnerability Summary.

    The page refreshes to show the analysis tool view you selected.

  4. Right-click the row for the vulnerability for which you want to launch a remediation scan and click Launch Remediation Scan.

    The Launch Remediation Scan page appears.

    Note: A remediation scan inherits certain settings from the vulnerability or vulnerability instance you selected. The Launch Remediation Scan page:

    • Automatically populates the relevant plugin information.

    • Provides an editable scan name in the format "Remediation Scan of Plugin # number".

    • Populates the target IP address based on the asset where the previous scan identified the vulnerability.

  5. Configure the settings for the scan, as described in Active Scan Settings.

    Note: You do not need to associate the remediation scan with a scan policy.

    Note: You cannot schedule a remediation scan. The scan launches as soon as you submit it.

  6. Click Submit.

    Tenable Security Center launches the remediation scan.