View and Download Compliance Report

The Tenable Cloud Security Reports page shows the compliance reports for all resources based on the last scan. Use this report to view your compliance coverage and identify the resources that are not compliant. You can also download the reports in the CSV format.

To view compliance reports:

  1. In the left navigation bar, click Reports.

    The Reports page appears. The Reports page is grouped by Benchmarks by default. Click Resource Type to view the compliance report grouped by resource types.

    The Reports page includes the following widgets:

    Widget Description
    Benchmark

    Select a benchmark from this drop-down list to filter the compliance report based on the selected benchmark. Click Clear Filters to clear the filters.

    Note: Currently, Tenable Cloud Security does not map some policies with benchmarks. Compliance coverage percentage is calculated based on all applicable policies and might include policies that are not mapped to benchmarks.
    Compliance coverage The compliance coverage in percentage, calculated by dividing the number of passed policies from the total policies.
    Failed checks The number of failed policies.
    Last assessed The date and time of the last scan.

    You can also view the compliance coverage in percentage for each policy category.

  2. In the Reports page, do the following:

    • Select one of the following filters to refine the compliance report:

      Filter Description
      Cloud provider Filters the compliance reports by cloud provider: AWS, Azure, or GCP. When you select a cloud provider using this filter, you can select only the relevant Projects, Cloud accounts, and Repositories for further filtering.
      Projects Filters the compliance reports by projects.
      Cloud accounts Filters the compliance reports by cloud accounts.

    • In the Policies section, do one of the following:

      • Click any policy category to view the policies in that category. You can view the policy severity, cloud provider, resource type, compliance status (Compliant or Non-Compliant), and the date and time on which Tenable Cloud Security last assessed this policy.
      • Use the Search box to search for specific policies.
      • Click the Expand All check box to view an expanded view of all policies with their categories.
      • Filter the policies using one of the following filters:
        FilterDescription
        Policy Status

        Filters the failing policies by one of the following statuses:

        • Compliant: Displays the policies that passed without any violations for all resources.

        • Non-Compliant: Displays the policies that failed with violations for at least one resource.

        • Ignored: Displays the policies that you have ignored. For more information, see Ignore Misconfigurations.

          Note: The policy status becomes Ignored only when all the resources associated with the policy are ignored.

        • Not Assessed: Displays the policies that are not applicable and are skipped from assessment.

        SeverityFilters the failing policies by severity: All, High, Medium, or Low.
      • Click a policy to view the policy details with the impacted resources for that policy.

        You can view the IaC remediation code for the resource and the remediation steps for the policy violation.

  3. Click Export > CSV to download the report in the CSV format.
    1.  Select the report that you want to download:
      • Summary Report: Includes the summary of compliance coverage of all resources based on the last scan.
      • Detail Report: Includes compliance summary and additional details, such as policy severity and status.
    2. Click Export.