View Vulnerability Management Scan Details

Required Tenable.io Vulnerability Management User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

Required Scan Permissions: Can View

You can view scan results for scans you own and scans that were shared with you. Consider the following when viewing scan results:

  • You can view details for an individual scan based on the permissions configured for the scan. However, when you view aggregated scan results in dashboards and other analysis views (for example, the Vulnerabilities or Assets tables), your access is based on the access groups you belong to.

  • Tenable.io defines Archived as any individual scan results that are older than 35 days. For scan results that are younger than 35 days, you can view and export the results in Tenable.io. For archived scan results, you can export the results, but cannot view them in Tenable.io. This limitation applies to both imported scan results and scan results that Tenable.io collects directly from scanners. After 15 months, Tenable.io removes the scan data entirely.

  • When you view results from the latest run of the scan, Tenable.io categorizes the scan as Read. The Read status is specific to your user account only. You can also manually change the read status.

  • Tenable.io retains scan data for 15 months. If you want to store scan data for longer than 15 months, you can export the scan data for storage outside of Tenable.io.

To view scan results for an individual scan:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, in the Vulnerability Management section, click Scans.

    The Scans page appears.

  3. In the Folders section, click a folder to load the scans you want to view.

    The scans table updates to display the scans in the folder you selected.

  4. In the scans table, click the scan where you want to view details.

    The Scan Details page appears. By default, this page displays details for the latest run of the scan.

  5. Do any of the following:
    SectionAction
    Table header
    Severity summariesThe number of vulnerabilities with a Critical, High, Medium, and Low severity in the scan results.
    Scan Details section

    View details about the scan run:

    • Status — The status of the scan.
    • Start Time — The start date and time for the scan.
    • Template — The Tenable-provided template on which the scan configuration is based.
    • Scanner — The scanner that performed the scan.
    • Scanner Groups — The scanner group(s) to which Tenable.io assigned the scan. This detail appears only if scan routing is enabled for the scan.
    • Targets — The targets that the scan evaluated.
    Vulns by Plugin tab

    View the vulnerabilities in the scan results, organized by plugin.

    Note: This tab does not appear for scan results older than 60 days.

    • View information about each vulnerability:
      • Severity icon — The severity of the vulnerability.
      • Name — The name of the plugin that identified the vulnerability.
      • Family — The family of the plugin that identified the vulnerability.
      • Vulnerabilities — The number of vulnerability instances.

        Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

    • To filter the data displayed in the table, see Filter a Table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Tenable.io Tables.
    • To view details for a vulnerability, click a row of the table.

      The Vulnerability Details page appears. For more information, see Vulnerability Details.

    Audit tab

    View compliance audit check results. This tab only appears if the scan results include data from compliance audit checks.

    Tip: This tab does not appear for scan results older than 35 days.

    On this tab, you can view:

    • View tiles representing the number of audit checks identified the last time the scan completed, organized by severity level.
    • View a table of audits detected during the scan. Each row represents a specific audit, and includes the following information:
      • Status — The status of the audit, for example Passed, Warning, or Failed.
      • Name — The name of the audit.
      • Family — The compliance check family to which the audit belongs.
      • Count — The number of times the audit was identified.
    • To view additional information about a specific audit check, click a row in the audits table.

      The Audit Details page appears.

      • Overview — Information about the audit check, including a description of the check and the audit file used for the check.
      • Assets — A list of assets where the scan performed the audit check.
    Vulns by Asset tab

    View the vulnerabilities in the scan results, organized by asset. By default, assets in the table are sorted by decreasing number of vulnerabilities, then by decreasing severity.

    Tip: This tab does not appear for scan results older than 35 days.

    • View information about each vulnerability:
      • Assets — The asset identifier. Tenable.io assigns this identifier based on the presence of certain asset attributes in the following order:
        • Agent Name (if agent-scanned)
        • NetBIOS Name

        • FQDN

        • IPv4 address

        For example, if scans identify a NetBIOS name and an IPv4 address for an asset, the NetBIOS name appears as the Asset Name.

      • Vulnerabilities — A visual summary of the vulnerabilities on the asset, organized by severity.

      • Vuln Count — The total number of vulnerabilities on the asset.
      • Critical — The total number of vulnerabilities on the asset with a critical severity.
      • High — The total number of vulnerabilities on the asset with a high severity.
      • Audits — A visual summary of the audits on the vulnerability, organized by severity.
      • Audit Count — The total number of audits on the asset.
    • To filter the data displayed in the table, see Filter a Table.
    • To sort, increase or decrease the number of rows per page, or navigate to another page of the table, see Tenable.io Tables.
    • To view details for an asset, click a row of the table.

      The Asset Details page appears. For more information, see Asset Details.

    Warnings tab

    View warnings about problems Tenable.io or the scanner encountered while running the scan. This tab only appears if Tenable.io or the scanner encountered an issue while running the scan.

    Review the warnings to determine how to resolve the scan problem. For example, if an Invalid Target note is present, check the target parameters in the scan configuration.

    Tip: This tab does not appear for scan results older than 35 days.

    Remediations tab

    View remediation details.

    Note: The Remediation tab only appears if there are known remediations for the scan.

    This tab contains a table listing each remediation action. On this tab, you can view:

    • Vulnerabilities — The number of vulnerabilities resolved by the recommended remediation.

    • Assets — The number of assets scanned.

    For more information, see Launch a Remediation Scan.

    History tab

    View the scan history.

    This tab contains a table listing each time the scan has run. For the scan run currently displaying in the Scan Details page, Tenable.io adds the label Current to the run. By default, the latest scan run is labeled Current.

    Note: Scan history is unavailable for imported scans, configured scans that have not yet run, and triggered scans.

    On this tab, you can:

    • View summary information about each time the scan was run:
      • Start Time — The start date and time for the scan.
      • End Time — The end date and time for the scan.
      • Duration — The duration of the scan .
      • Status — The status of the scan.
    • Filter the data displayed in the table.
    • Sort, increase or decrease the number of rows per page, or navigate to another page of the table. For more information, see Tenable.io Tables.
    • View details for a historical scan by clicking a row in the table.

      Tenable.io marks the run you selected as Current and updates the Scan Details section to show data for the selected run.

      If the historical scan results are younger than 35 days, Tenable.io also updates the tabs on the Scan Details page.

      If the historical scan results are older than 35 days, the additional tabs are absent from the Scan Details page. Use export instead to obtain the results.