Cloud Misconfiguration Findings
This topic describes the performance of, or functionality for, a new feature in Tenable.io Key Enhancements. For more information, see Tenable.io Key Enhancements.
Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
On the Findings page, you can drill down to view only vulnerability findings for your cloud resources. This documentation refers to your resources as assets.
To view your cloud misconfiguration findings:
In the upper-left corner, click the button.
The left navigation plane appears.
In the left navigation plane, in the Explore section, click Findings.
The Findings page appears, showing a table that lists your findings. By default, the Vulnerabilities tab is active.
In the upper-left side of the page, select the Cloud Misconfigurations tab.
The Cloud Misconfigurations table appears.
In the Cloud Misconfigurations table, you can perform the following actions:
You can view basic information about your cloud misconfigurations in the following table:
The name of the asset where the scanner detected the vulnerability. Tenable.io assigns this identifier based on the presence of certain asset attributes in the following order:
For example, if scans identify a NetBIOS name and an IPv4 address for an asset, the NetBIOS name appears as the Resource Name.
The security policy that governs the affected asset.
|Policy Group Name||
The group associated with the security policy that governs the affected asset.
The vulnerability's CVSS-based severity. For more information, see CVSS vs. VPR.
The outcome of the vulnerability scan.
The environment where the affected asset runs.
The date when Tenable.io first scanned the affected asset.
The date when a scan last found the vulnerability on an asset.
|Asset ID||The UUID of the asset where a scan detected the vulnerability. This value is unique to Tenable.io.|
The name of the cloud provider that hosts the asset.
|IaC Resource Type||The Infrastructure as Code (IAC) resource type of the asset.|
|Resource Name||The name of the cloud resource for the asset.|
|Region||The cloud region where the asset runs.|
|VPC||The virtual private cloud on which the asset is hosted in AWS.|
|ARN||The unique Amazon resource name for the asset in AWS.|
|Resource Type||The types of assets affected, determined by plugin data.|
|Benchmark||The types of assets affected, determined by plugin data.|
|Account ID||The unique identifier assigned to the asset resource in the cloud service that hosts the asset.|
|Repositories||Any code repositories associated with the asset.|
The asset's cloud resource type (for example, network, virtual machine).
Note: This filter is selected by default.
The category associated with the security policy that governs the affected asset.
|Last Scan Time||The date and time when Tenable.io last scanned the asset.|
|Updated Time||The date and time when a user last updated the asset.|