Discovery Scans vs. Assessment Scans

You can perform two types of scans using Tenable products: discovery scans and assessment scans. Tenable recommends performing discovery scans to get an accurate picture of the assets on your network and assessment scans to understand the vulnerabilities on your assets.

For information about how discovered and assessed assets are counted towards your license, see Tenable Vulnerability Management Licenses.

Type: Discovery scans

Description: Find assets on your network.

For example:

  • A scan configured with the Host Discovery template.
  • A scan configured to use only discovery plugins.
  • A scan configured to use Tenable Nessus Network Monitor in discovery mode.

Licensing: Assets identified by discovery scans do not count toward your license.

Type: Assessment scans

Description: Find vulnerabilities on your assets.

For example, run an authenticated or unauthenticated scan using a Tenable Nessus scanner or Tenable Nessus Agent.

Authenticated Scans

Configure authenticated scans, also known as credentialed scans, by adding access credentials to your assessment scan configuration.

Credentialed scans can perform a wider variety of checks than non-credentialed scans, which can result in more accurate scan results. This facilitates scanning of a very large network to determine local exposures or compliance violations.

Credentialed scans can perform any operation that a local user can perform. The level of scanning depends on the privileges granted to the user account. The more privileges the scanner has via the login account (e.g., root or administrator access), the more thorough the scan results.

For more information, see Credentials in Tenable Vulnerability Management Scans.

Unauthenticated Scans

If you do not add access credentials to your assessment scan configuration, Tenable Vulnerability Management performs a limited number of checks when scanning your assets.

Licensing: In general, assets assessed by assessment scans count toward your license.