Add a Credential to a Scan

Required Tenable Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Scan Permissions: Can Control

In the event that a scan contains multiple instances of a single type of credential (SSH logins, SMB logins, etc.), Tenable Vulnerability Management attempts to use them on a valid target in the order that they were added to the scan configuration.

Note: The first credential that allows successful login is used to perform credentialed checks on the target. After a credential provides successful login, Tenable Vulnerability Management does not try any of the other credentials in the list, even if one of the latter credentials has a greater degree of access or privileges.

To add a credential to a scan:

1. Create or edit a scan.

2. In the left navigation menu, click Credentials.

   The Credentials page appears. This page contains a table of credentials configured for the scan.

3. Next to Add Credentials, click the button.

   The Select Credential Type plane appears.

4. Do one of the following:
   Add an existing managed credential.

   The Managed Credentials section of the Select Credential Type plane contains any credentials where you have Can Use or Can Edit permissions.

   1. (Optional) Search for a managed credential in the list by typing your search criteria in the text box and clicking the button.

   2. In the Managed Credentials section, click thebutton to display all managed credentials.

   3. Click each managed credential you want to add.

      The Select Credential Type plane remains open.

   4. To close the Select Credential Type plane, click the button in the upper-right corner of the plane.
   Add a scan-specific credential.

   1. In the Select Credential Type plane, in any section except Managed Credentials, click thebutton to display the credentials for that type.

   2. Click each credential you want to add.

      The settings plane for that credential type appears.

   3. Configure the settings for the individual credential configuration.
   Add a new managed credential.

   1. In any section of the Select Credential Type plane except the Managed Credentials section, click thebutton to display the credentials for that type.

   2. Click each credential you want to add.

      The settings plane for that credential type appears.

   3. Configure the settings for the new managed credential.
   4. Click the Save to Managed Credentials toggle.

      The managed credential settings appear.

   5. In the first text box, type a name for the managed credential.
   6. (Optional) In the second text box, type a brief description of the managed credential.
   7. Configure user permissions for the managed credential.
5. Click Save to save your credential changes.

   Tenable Vulnerability Management closes the settings plane and adds the credential to the credentials table for the scan.

   Note: Upon saving, Tenable Vulnerability Management automatically orders the credentials by ascending ID and groups the credentials by type.

6. Do one of the following:

   • If you want to save without launching the scan, click Save.

     Tenable Vulnerability Management saves the scan.

   • If you want to save and launch the scan immediately, click Save & Launch.

     Note: If you scheduled the scan to run at a later time, the Save & Launch option is not available.

     Tenable Vulnerability Management saves and launches the scan.