Cloud Scans

To run a cloud scan after onboarding your cloud accounts, you must select and run a scan profile. Tenable Cloud Security provides a default scan profile for each cloud provider. You can also create your custom scan profiles. After creating a scan profile, you can run the following types of cloud scans:

• Misconfiguration Scan: Scans for policy violations in IaC repositories and cloud resources. You can view the scan results on the Findings > Misconfigurations page. The Misconfigurations Scan is supported for all cloud providers - AWS, Azure, and GCP.

• Vulnerability Scan: Scans for known vulnerabilities (CVEs) in workloads, such as operating systems, images, containers, and software based on plugins. You can view these vulnerabilities on the Findings > Vulnerabilities page in Tenable Cloud Security and the Findings page in Tenable Vulnerability Management. For more information, see Configure Vulnerability Scan using Agentless Assessment for AWS.

To configure and run a cloud scan:

1. Create a Scan Profile.

2. (Optional) Schedule a Scan.

3. Run a Cloud Scan.