Assets

This topic describes a page or navigation path that applies to the legacy workbench, which Tenable is retiring soon in favor of the Explore workbench. When Tenable retires the legacy workbench, you can navigate to the Explore workbench and continue to use the feature described in this topic. For more information, see Updates to the Tenable.io Interface.

The Assets page provides insight into your organization's assets and their vulnerabilities.

This page contains top-level widgets that provide a snapshot of the asset scanning status, and a table that lists assets scans have identified in your network. The top-level widgets include:

Widget Description
Asset by Tags This widget lists the top 5 tags applied to the highest number of assets. For more information, see Tags.
Asset Coverage

This widget summarizes how thoroughly your scans assessed your environment during the past 90 days.

  • Authenticated Scans — Authenticated assessment scans configured to find vulnerabilities on assets.
  • Unauthenticated Scans — Unauthenticated assessment scans configured to find vulnerabilities on assets.
  • Detected Only — Scans configured to discover assets.

For more information, see Discovery Scans vs. Assessment Scans.

Statistics This widget summarizes any licensed asset (in that Tenable.io scanned the asset in the last 90 days).

You can do the following from the Assets page:

About Assets

Tenable.io includes the ability to track assets that belong to your organization. Assets are entities of value on a network that can be exploited. This includes laptops, desktops, servers, routers, mobile phones, virtual machines, software containers, and cloud instances. By providing comprehensive information about the assets that belong to your organization, Tenable.io helps to eliminate potential security risks, identify under-utilized resources, and support compliance efforts.

Tenable.io automatically creates or updates assets when a scan completes or scan results are imported. Tenable.io attempts to match incoming scan data to existing assets using a complex algorithm. This algorithm looks at attributes of the scanned hosts and employs various heuristics to choose the best possible match. If Tenable.io cannot find a match, the system assumes this is the first time Tenable.io has encountered the asset and creates a new record for it. Otherwise, if Tenable.io finds a matching asset, the system updates any properties that have changed since the last time Tenable.io encountered the asset.

In addition to vulnerability information, Tenable.io also attempts to gather various other information about the asset, including:

  • Interfaces (IP address and MAC address)
  • DNS Names
  • NetBIOS Name
  • Operating System
  • Installed Software
  • UUIDS (Tenable, ePO, BIOS)
  • Whether an agent is present