Cloud Scans
To run a cloud scan after onboarding your cloud accounts, you must select and run a scan profile. Tenable Cloud Security provides a default scan profile for each cloud provider. You can also create your custom scan profiles. After creating a scan profile, you can run the following types of cloud scans:
-
Misconfiguration Scan: Scans for policy violations in IaC repositories and cloud resources. You can view the scan results on the Findings > Misconfigurations page. The Misconfigurations Scan is supported for all cloud providers - AWS, Azure, and GCP.
-
Vulnerability Scan: Scans for known vulnerabilities (CVEs) in workloads, such as operating systems, images, containers, and software based on plugins. You can view these vulnerabilities on the Findings > Vulnerabilities page in Tenable Cloud Security and the Findings page in Tenable Vulnerability Management. For more information, see Configure Vulnerability Scan using Agentless Assessment for AWS.
To configure and run a cloud scan:
-
(Optional) Schedule a Scan.