View Host Details

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

You can drill into analysis views to view details for a specific host on your network.

To view host details from the Vulnerabilities page:

  1. Log in to Tenable Security Center via the user interface.

  2. Click Analysis > Vulnerabilities.

    The Vulnerabilities page appears.

  3. In the drop-down box, click Vulnerability List.

    The Vulnerability List tool appears.

  4. In the IP Address column, click the IP address link to view host details for a specific vulnerability instance.

    Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

    The host details panel appears.

    Section Actions
    System Information

    View information about the host system.

    • IP Address — The host's IP address, if available.

    • UUID — The host's UUID, if available.

    • NetBIOS Name — The host's NetBIOS name, if available.

    • DNS Name — The host's DNS name, if available.

    • MAC Address — The host's MAC address, if available.

    • OS — The operating system running on the host, if available.

    • CPE — The host's application common platform enumeration (CPE).

    • Score — The cumulative score for all vulnerability instances on the host. For more information about vulnerability scoring, see CVSS vs. VPR.

      Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

    • Repository — The repository that contains vulnerability data associated with the host.

    • Last Scan — The date and time Tenable Security Center last scanned the host.
    • Passive Data — Indicates whether a passive scan detected the vulnerability.

    • Compliance Data — Indicates whether the scan that detected the vulnerability included compliance plugins.

    Vulnerabilities View the number of vulnerabilities on the host, organized by severity category. For more information, see CVSS vs. VPR.
    Links
    • View SANS and ARIN links for the host. If configured, this section also displays custom resource links.

    • Click a resource link to view details for the current IP address/agent IDs. For example, if the current IP address was a publicly registered address, click the ARIN link to view the registration information for that address.

    Assets View the asset lists containing the asset. For more information, see Assets.

To view host details from the Host Assets page:

  1. Log in to Tenable Security Center via the user interface.

  2. Click Assets > Host Assets.

    The Host Assets page appears.

  3. Click the row for the host.

    The Host Asset Details page appears.

    Section Action
    Host Information

    View general information about the host.

    • Name — The name of the host.
    • System Type — The host's device type, as determined by plugin 54615.

    • Operating System — The operating system running on the host, if available.

    • IP Addresses — The host's IP address, if available.

    • MAC Addresses — The host's MAC address, if available.

    • Host ID — The ID of the host.

    • Repository — The repository that contains vulnerability data associated with the host.

    Asset Exposure Score (Requires Tenable Security Center+ license) View the host's AES. For more information, see Asset Exposure Score in the Tenable Vulnerability Management User Guide.
    Asset Criticality Rating

    (Requires Tenable Security Center+ license) View the host's ACR and details about modifications to the ACR.

    • Overwrite Reasoning — The justification for overwriting the host's ACR.

    • Notes — Notes associated with overwriting the host's ACR.

    • Overwritten By — The user that overwrote the host's ACR.

    • ACR By Key Drivers — The key drivers used to calculate the host's ACR.

    For more information, see Asset Criticality Rating and ACR Key Drivers in the Tenable Vulnerability Management User Guide.

    To edit the host's ACR, see Edit an ACR Manually.

    OT Properties

    View the Tenable OT Security properties for the host. This section appears only for hosts discovered by Tenable OT Security scans.

    • Additional Names - Any additional names for the asset in the network.

    • Additional IP Addresses - Any additional IP addresses for the asset.

    • Segment - The network segment that the IP address(es) of this asset are assigned to.

    • Slot - For assets that are on backplanes, shows the number of the slot to which the asset is attached.

    • Family - The family name of the product as defined by the asset vendor.

    • State - The device state:

      • Backup – the controller is running as a backup to a primary controller.

      • Fault – the controller is in fault mode.

      • NoConfig – no configuration has been set for the controller.

      • Running – the controller is running.

      • Stopped – the controller is not running.

      • Unknown – the state is unknown.

    • Category - The type of asset identified by Tenable OT Security. For more information about categories, see Asset Types in the Tenable OT Security user guide.

    • Purdue - The Purdue level of the asset:

      • 0 - Physical process

      • 1 - Intelligent devices

      • 2 - Control systems

      • 3 - Manufacturing operations systems

      • 4 - Business logistics systems

    • Last Update - The date and time that the asset was last updated.

    • Risk Score - A measure of the degree of risk related to this asset on a scale from 0 (no risk) to 100 (extremely high risk). For an explanation of how the Risk score is calculated, see Risk Assessment in the Tenable OT Security user guide.

    • Description - A brief description of the asset, as configured by the user in the Tenable OT Security asset details. For more information, see Inventory in the Tenable OT Security user guide.

    • Back Plane - The backplane unit that the asset is connected to.

    • System Type - A brief description of the asset, as configured by the user in the OT Security asset details.

    • Model - The model name of the asset.

    • Firmware - The firmware version currently installed on the asset.

    • Location - The location of the asset as input by the user in the Tenable OT Security asset details.

    • Vendor - The asset vendor.

    • Criticality - A measure of the importance of this asset to the proper functioning of the system. A value is assigned automatically to each asset based on the asset type. You can manually adjust the value.

    Scan Information

    View scan information related to the host.

    • First Seen — The date and time Tenable Security Center first detected the host on your network.

    • Last Seen — The date and time last Tenable Security Center detected the host on your network.

    • Source — The type of scan that discovered the host on your network: Tenable Nessus Scan, Tenable Nessus Network Monitor, Log Correlation Engine, Agent Scan, or Tenable OT Security Scan.

    Findings tab
    Installed Software tab

    View the software packages installed on the host, if available.

    Customize the table, as described in Interact with a Customizable Table.