Cloud Misconfiguration Findings

This topic describes the performance of, or functionality for, a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.

Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the Findings page, you can drill down to view only vulnerability findings for your cloud resources. This documentation refers to your resources as assets.

To view your cloud misconfiguration findings:

  1. In the upper-left corner, click the Menu button.

    The left navigation pane appears.

  2. In the left navigation pane, in the Explore section, click Findings.

    The Findings page appears, showing a table that lists your findings. By default, the Vulnerabilities tab is active.

  3. In the upper-left side of the page, select the Cloud Misconfigurations tab.

    The Cloud Misconfigurations table appears.

  4. In the Cloud Misconfigurations table, you can perform the following actions:

Cloud Misconfigurations

You can view basic information about your cloud misconfigurations in the following table:

Column Description
Resource ID

The name of the asset where the scanner detected the vulnerability. Tenable.io assigns this identifier based on the presence of certain asset attributes in the following order:

  1. Agent Name (if agent-scanned)
  2. NetBIOS Name
  3. FQDN
  4. IPv6 address
  5. IPv4 address

For example, if scans identify a NetBIOS name and an IPv4 address for an asset, the NetBIOS name appears as the Resource Name.

Policy Name

The security policy that governs the affected asset.

Policy Group Name

The group associated with the security policy that governs the affected asset.

Severity

The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.

Result

The outcome of the vulnerability scan.

Source

The environment where the affected asset runs.

First Seen

The date when Tenable.io first scanned the affected asset.

Last Seen

The date when a scan last found the vulnerability on an asset.

Asset ID

The UUID of the asset where a scan detected the vulnerability. This value is unique to Tenable.io.

Cloud Provider

The name of the cloud provider that hosts the asset.

IaC Resource Type

The Infrastructure as Code (IaC) resource type of the asset.

Resource Name

The name of the cloud resource for the asset.

Region

The cloud region where the asset runs.

VPC

The virtual private cloud on which the asset is hosted in AWS.

ARN

The unique Amazon resource name for the asset in AWS.

Resource Type

The types of assets affected, determined by plugin data.

Benchmark

The types of assets affected, determined by plugin data.

Account ID

The unique identifier assigned to the asset resource in the cloud service that hosts the asset.

Repositories

Any code repositories associated with the asset.

Resource Type

The asset's cloud resource type (for example, network, virtual machine).

Note: This filter is selected by default.

Benchmark

Policy Category

The category associated with the security policy that governs the affected asset.

Last Scan Time

The date and time when Tenable.io last scanned the asset.

Updated Time

The date and time when a user last updated the asset.