Create a User-Defined Template

Required Tenable.io Vulnerability Management User Role: Scan Operator, Standard, Scan Manager, or Administrator

Required Tenable.io Web Application Scanning User Role: Scan Manager or Administrator

You can create user-defined scan templates to save and share custom scan settings with other Tenable.io users. For more information, see User-Defined Templates.

When you define a scan template, Tenable.io assigns you owner permissions for the scan template. You can share the scan template by assigning template permissions to other users, but only you can delete the scan template.

To create a user-defined scan template:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. Do one of the following:

    • In the left navigation plane, in the Vulnerability Management section, click Scan Templates.

      The Scan Templates page appears.

    • In the left navigation plane, in the Web App Scanning section, click Scan Templates.

      The Scan Templates page appears.

  3. In the upper-right corner of the page, click the addCreate Template button.

    The Select a Template page appears.

  4. Click the tile for the template you want to use as the base for your user-defined scan template.

    The Create a Template page appears.

  5. Configure options for the scan template:

    Tab Action
    Vulnerability Management Scans
    Settings

    Configure the settings available in the template.

    • Basic Settings — Specifies the organizational and security-related aspects of a scan template. This includes specifying the name of the scan, its targets, whether you want to schedule the scan, and who has permissions for the scan.
    • Discovery Settings — Specifies how a scan performs discovery and port scanning.
    • Assessment Settings — Specifies how a scan identifies vulnerabilities, as well as what vulnerabilities are identified. This includes identifying malware, assessing the vulnerability of a system to brute force attacks, and the susceptibility of web applications.
    • Report Settings — Specifies whether the scan generates a report.
    • Advanced Settings — Specifies advanced controls for scan efficiency.
    Credentials

    Specify credentials you want Tenable.io to use to perform a credentialed scan.

    Compliance/SCAP Specify the platforms you want to audit. Tenable provides best practice audits for each platform. Additionally, you can upload a custom audit file.
    Plugins Select security checks by plugin family or individual plugin.
    Web Application Scans
    Settings

    Specifies the organizational and security-related aspects of a scan template. This includes specifying the name of the scan, its targets, whether you want to schedule the scan, and who has permissions for the scan.

    Scope

    Specifies the URLs and file types you want included in or excluded from the scope of your scan.

    Assessment

    Specifies how a scan identifies vulnerabilities, as well as what vulnerabilities are identified. This includes identifying malware, assessing the vulnerability of a system to brute force attacks, and the susceptibility of web applications.

    Advanced

    Specifies advanced controls for scan efficiency.

    Credentials

    Specify credentials you want Tenable.io to use to perform a credentialed scan.

    Plugins Select security checks by plugin family or individual plugin.
  6. Click Save.

    Tenable.io saves the user-defined scan template and adds it to the list of scan templates on the Scan Templates page.