Vulnerability Management Scanning Overview

Configure scans to collect data for This overview walks you through the main steps you need to create, configure, launch, and manage scans.

Depending on your organization, one person may perform all of the steps, or several people may share the steps.

Note: Tenable recommends that you limit the number of individual scans on your network. For example, you can re-use scheduled scans instead of creating new scans. This approach can help you to avoid latency issues in the user interface.

Note: PCI Quarterly External scan data is intentionally excluded from dashboards, reports, and workbenches. This is due to the scan's paranoid nature, which may lead to false positives that would otherwise not be detected. For more information, see PCI ASV Scanning Overview.

For a demonstration on defining your scans, see the following video:

Create and launch an assessment scan

  1. Create a scan.
  2. Select a scan template that fits your needs.
  3. Configure the scan:
    • Configure the scan settings available for your template.

      For information about scan targets, see Scan Targets.

    • (Optional) To run a credentialed scan, configure credentials.
    • (Optional) To run a compliance scan, select the compliance audits your scan includes.
    • (Optional) If you are using an advanced scan template, select what plugins your scan includes.
  4. Launch the scan.

View and manage scans

  1. View your configured scans.
  2. To analyze data across all your scan results, see Analysis.

Refine scanning settings

  • Use exclusions to restrict the scanning of specific hosts based on a selected schedule.
  • Use target groups to set permissions on which hosts a user can scan.
  • To understand scan distribution concepts such as scanner capacity, job queues, and how dispatches tasks, see Scan Distribution.