Create a Scan Profile

Scan profiles allow you to group the scan operations of different cloud resources and schedule scans according to your needs. You can create different scan profiles to run scans targeting different resources. For example, you can create a scan profile to run a scan targeting only Vulnerability Scans of EC2 instances.

Before you begin:

To run a vulnerability scan using Agentless Assessment, see the following:

• Configure Vulnerability Scan using Agentless Assessment for AWS

• Configure Vulnerability Scan using Agentless Assessment for Azure

To create a scan profile:

1. Click Projects & Connections.

   Tenable Cloud Security lists all the projects in the Projects tab.

2. In the row for the project for which you are creating the scan profile, click > Manage cloud scan profiles.

   The Manage scan profiles window appears with the default scan profile.

   Note: You can use the default scan profile to perform a scan. Click the default scan profile to view the resources that get scanned. Vulnerability scan with agentless assessment is enabled by default for the default scan profile.

3. Click New Scan Profile.

   The Create new scan profile for cloud window appears.

   Note: To create a scan profile from an existing scan profile, create a copy of the scan profile and then edit the profile.

4. In the Scan profile name box, type a name for the scan profile or retain the default name.

5. In Step 1 Cloud config assessment options, retain the default selections or do one of the following:

   • Select the check box next to the option to select all the resources within a category.

   • Click the drop-down arrow to show all the available resources in the category. Select the check boxes as needed.

     Note: The count next to the drop-down arrow shows: Number of resources available / Number of resources selected.

   • Select a resource by searching for it in the Search resources box.
6. (Optional) In Step 2, click the Enable Vulnerability Scan toggle to enable vulnerability assessment.
   Note: The vulnerability scan option is available only for AWS EC2 Instances and Azure Virtual Machines. When you enable vulnerability scan, Tenable Cloud Security starts scanning for vulnerabilities after the misconfiguration scan completes.

7. Click Preview to view the resources selected in the cloud scan profile.

8. Click Create Scan Profile.

   Tenable Cloud Security creates the scan profile and displays it in the Manage scan profiles window.

What to do next:

Initiate the scan for the scan profile. For more information, see Run a Cloud Scan.