Tenable-Provided Scanner Templates

Tenable provides the following scanner templates for specific scanning purposes. For general information about scan templates and settings, see Scan Templates and Settings.

Note: If a plugin requires authentication or settings to communicate with another system, the plugin is not available on agents. This includes, but is not limited to:

  • Patch management.
  • Mobile device management.
  • Cloud infrastructure audit.
  • Database checks that require authentication.

Instead, use Tenable-provided agent templates for agent scanning.

Scanner templates fall into three categories: Vulnerability Scans (Common), Configuration Scans, and Tactical Scans.

Template Description
Vulnerability Scans (Common)
Advanced Network Scan

An scan without any recommendations, so that you can fully customize the scan settings.

Basic Network Scan

Performs a full system scan that is suitable for any host. For example, you could use this template to perform an internal vulnerability scan on your organization's systems.

Credentialed Patch Audit

Authenticates hosts and enumerates missing updates.

Host Discovery

Performs a simple scan to discover live hosts and open ports.

Internal PCI Network Scan

Performs an internal PCI DSS (11.2.1) vulnerability scan.

Legacy Web App Scan Uses a Nessus scanner to scan your web applications.Note: Unlike the Tenable.io Web Application Scanning scanner, the Nessus scanner does not use a browser to scan your web applications. Therefore, a Legacy Web App Scan is not as comprehensive as a Web App Scan.
Mobile Device Scan

Assesses mobile devices via Microsoft Exchange or an MDM.

PCI Quarterly External Scan

Performs quarterly external scans as required by PCI.

Note: Because the nature of a PCI ASV scan is more paranoid and may lead to false positives, the scan data is not included in the aggregate Tenable.io data. This is by design.

Configuration Scans
Audit Cloud Infrastructure Audits the configuration of third-party cloud services.
MDM Config Audit Audits the configuration of mobile device managers.
Offline Config Audit

Audits the configuration of network devices.

Policy Compliance Auditing

Audits system configurations against a known baseline.

SCAP and OVAL Auditing

Audits systems using SCAP and OVAL definitions.

Tactical Scans
2020 Threat Landscape Restrospective (TLR)

Detects vulnerabilities featured in Tenable's 2020 Threat Landscape Retrospective report.

Active Directory Starter Scan

Scans for misconfigurations in Active Directory.

Note: Active Directory Starter Scans require ADSI credentials. For more information, see Miscellaneous.

Badlock Detection Performs remote and local checks for CVE-2016-2118 and CVE-2016-0128.
Bash Shellshock Detection

Performs remote and local checks for CVE-2014-6271 and CVE-2014-7169.

DROWN Detection Performs remote checks for CVE-2016-0800.
Intel AMT Security Bypass

Performs remote and local checks for CVE-2017-5689.

Malware Scan

Scans for malware on Windows and Unix systems.

Video: Perform a Malware Scan in Tenable.io

Video: Application, Malware, and Content Audits

Video: Application, Malicious Software, and Content Audits


Performs local checks for CVE-2021-34527, the PrintNightmare Windows Print Spooler vulnerability.

ProxyLogon: MS Exchange

Performs remote and local checks to detect Microsoft Exchange Server vulnerabilities related to CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065.

Shadow Brokers Scan Scans for vulnerabilities disclosed in the Shadow Brokers leaks.

Detects SolarWinds Solorigate vulnerabilities using remote and local checks.

Spectre and Meltdown Detection

Performs remote and local checks for CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754.

WannaCry Ransomeware Detection

Scans for the WannaCry ransomware.

Zerologon Remote Scan

Detects Microsoft Netlogon elevation of privilege vulnerability (Zerologon).