Get Started with Tenable Vulnerability Management

This topic explains how to plan a Tenable Vulnerability Management deployment. It includes high-level guidance to build a deployment plan, configure scanners and application settings, start analyzing vulnerability data, and—when ready—expand into Tenable One.

In the following deployment flow, click a box to view related topics.

 

Plan Your Deployment

Establish a deployment plan:

1. Contact your Tenable representative and get your product access information and account credentials.

2. Analyze your network topology, considering Tenable-recommended best practices, as described in the General Requirements Guide.

3. Choose additional Tenable product licenses based on your organizational needs:

   • If you want to assess your exposure, obtain a Tenable Lumin license.

   • If you want to scan web applications, obtain a Tenable Web App Scanning license.

   • If you want to evaluate risk on your containers, obtain a Tenable Container Security license.

4. Choose a scanning plan, including the scans to run, consulting the Professional Services Scan Strategy guide if needed.

5. Design an analysis workflow, identifying key stakeholders and considering what data you intend to share.

Install and Configure Sensors

To install and configure sensors:

1. Install the sensors chosen in your deployment plan:

   • Install Tenable Nessus as described in the Tenable Nessus User Guide.

   • Install Tenable Nessus Agents as described in the Tenable Nessus Agent Deployment and User Guide.

   • Install Tenable Nessus Network Monitor and then configure your installation as described in in the Tenable Nessus Agent Deployment and User Guide.

   • Install Tenable Core and Tenable Web App Scanning as described in the Tenable Core User Guide.

2. Link sensors to Tenable Vulnerability Management, as described in Link a Sensor.

3. Configure your first active scan using the Basic Network Scan template:

   1. Create a scanner group, as described in Create a Scanner Group.
   2. Create a scan using the Basic Network Scan template, as described in Create a Scan.

4. Configure your first agent scan using the Basic Agent Scan template:

   1. Create an agent group, as described in Create an Agent Group.
   2. Create an agent scan using the Basic Agent Scan template, as described in Create a Scan.
5. Launch your first Tenable Nessus scan and agent scan, as described in Launch a Scan.

6. Confirm that scans completed, accessing all targeted areas of your network. Review discovered assets.

Configure Application Settings

Configure other settings in Tenable Vulnerability Management:

1. Create user accounts for the users in your organization.
2. Create user groups to control user permissions for the resources in Tenable Vulnerability Management.

3. Add asset tags to organize and identify the assets to scan.

4. Set up asset discovery with connectors, Professional Services integrations, or integrated products (as described in the Integration Guides section of the Tenable Vulnerability Management Documentation page).

5. Configure managed credentials, scan-specific credentials, or policy-specific credentials for a Tenable Nessus scan, as described in Credentials. For more information about configuring and troubleshooting credentialed scans, see Tenable Nessus Credentialed Checks.

   1. Launch your credentialed Tenable Nessus scan and credentialed agent scan, as described in Launch a Scan.

   2. Confirm your credentialed scan completed, accessing all targeted areas of your network.

Analyze Your Attack Surface

Use the following features in Tenable Vulnerability Management to understand your vulnerabilities:

1. View your scans and scan details.
2. View scanned assets and vulnerabilities on the Findings and Assets workbenches.
3. With Vulnerability Intelligence, view known vulnerabilities by category and compare them to your own exposure.
4. With Exposure Response, create initiatives to track remediation projects.

5. With reports, share scan and vulnerability information with your organization.

6. Use custom dashboards to get visual overviews of your attack surface.

Expand into Tenable One

Integrate Tenable Vulnerability Management with Tenable One and leverage the following features:

• Review and customize your assets' ACR.

• Create new tags either in Tenable Vulnerability Management or within Tenable Inventory to group your assets by how you want them to be reported on

• In Lumin Exposure View, gain critical business context by getting business-aligned cyber exposure score for critical business services, processes and functions, and track delivery against SLAs. Track overall VM risk to understand the risk contribution of assets to your overall Cyber Exposure Score, including by asset class, vendor, or by tags.

  • Review the Global exposure card to understand your holistic score. Click Per Exposure to understand what factors are driving your score, and by how much.

  • Review the Computing Resources exposure card.

  • Configure the exposure view settings to set your Remediation SLA and SLA Efficiency based on your company policy.

  • Create a custom exposure card based on business context (for example, Business units, Operating Systems, Asset Criticality, Physical Location, or Application).

• In Tenable Inventory, enhance asset intelligence by accessing deeper asset insights, including related attack paths, tags, exposure cards, users, relationships, and more. Improve risk scoring by gaining a more complete view of asset exposure, with an asset exposure score that assesses total asset risk and asset criticality.

  • Review your Tenable Vulnerability Management assets to understand the strategic nature of the interface. This should help set your expectations on what features to use within Tenable Inventory, and when.

  • Review the Tenable Queries that you can use, edit, and bookmark.

  • Familiarize yourself with the Global Search query builder and its objects and properties. Bookmark custom queries for later use.

    Tip: To get a quick view of what properties are available:

    • In the query builder, type has. A list of suggested asset properties appears.
    • Customize the list by adding a column. A list of available columns/properties appears.
  • Drill down into the asset details page to view asset properties and all associated context views.

  • (Optional) Create a tag that combines different asset classes.

• In Attack Path Analysis, optimize risk prioritization by exposing risky attack paths that traverse the attack surface, including web apps, IT, OT, IoT, identities, ASM, and prevent material impact. Streamline mitigation by identifying choke points to disrupt attack paths with mitigation guidance, and gain deep expertise with AI insights.

  • View the Attack Path Analysis Dashboard for a high-level view of your vulnerable assets such as the number of attack paths leading to these critical assets, the number of open findings and their severity, a matrix to view paths with different source node exposure score and ACR target value combinations, and a list of trending attack paths.

    • Review the Top Attack Path Matrix and click the Top Attack Paths tile to view more information about paths leading to your “Crown Jewels”, or assets with an ACR of 7 or above.

    You can adjust these if needed to ensure you’re viewing the most critical attack path data and findings.

  • On the Findings page, view all attack techniques that exist in one or more attack paths that lead to one or more critical assets by pairing your data with advanced graph analytics and the MITRE ATT&CK® Framework to create Findings, which allow you to understand and act on the unknowns that enable and amplify threat impact on your assets and information.

  • On the Discover page, generate attack path queries to view your assets as part of potential attack paths:

    • Generate an Attack Path using a Built-in Query

    • Generate an Asset Query using the Asset Query Builder

    • Generate an Attack Path Query using the Attack Path Query Builder

    Then, you can view and interact with the Attack Path Query and Asset Query data via the query result list and the interactive graph.