Get Started with Vulnerability Management
Use the following getting started sequence to configure and mature your Tenable.io Vulnerability Management deployment.
- Prepare a Deployment Plan
- Install and Link Scanners
- Configure Scans
- Additional Tenable.io Configurations
- Review and Analyze
For a demonstration on Tenable.io architecture and predictive prioritization, see the following video:
To establish a deployment plan and analysis workflow:
- Review principles of the TCP/IP internet protocol suite. Tenable.io documentation assumes you know basic networking concepts and principles.
- Get your Tenable.io access information and starter account credentials from your Tenable representative.
- If necessary, access Tenable Support and training resources for Tenable.io, including the Professional Services Scan Strategy guide.
Design a deployment plan by identifying your organization's objectives and analyzing your network topology. Consider Tenable-recommended best practices for your environment.
For more information about environment requirements, see the guidelines provided for your scanner in the General Requirements Guide. For more information about supported browsers for Tenable.io, see Vulnerability Management System Requirements.
Design an internal scanning and external scanning plan. Identify the scans you intend to run and ensure that you have sufficient network coverage.
Design an analysis workflow. Identify key stakeholders in your management and operational groups, considering the data you intend to share with each stakeholder.
To install your scanners and link them to Tenable.io:
- Log in to the Tenable.io user interface.
- Set up your linked scanners:
If your deployment plan includes Nessus scanners, install Nessus as described in Install Nessus in the Nessus User Guide.
If your deployment plan includes Nessus Agents, install agents as described in Install Nessus Agents in the Nessus Agent Deployment and User Guide.
If your deployment plan includes NNM, install NNM as described in Install NNM in the Nessus Network Monitor User Guide.
Then, configure NNM to communicate with Tenable.io, as described in Configure NNM in the Nessus Network Monitor User Guide.
If your deployment plan includes Tenable.io Web Application Scanning, install web applications as described in Deploy or Install Tenable Core + Web Application Scanning in the Tenable Core User Guide.
Then, link your first scanners to Tenable.io, as described in Link a Sensor.
Configure and run basic scans to begin evaluating the effectiveness of your deployment plan and analysis workflow:
Configure your first active scan using the Basic Network Scan template:
- Create a scanner group, as described in Create a Scanner Group.
- Create a scan using the Basic Network Scan template, as described in Create a Scan.
Configure your first agent scan using the Basic Agent Scan template:
- Create an agent group, as described in Create an Agent Group.
- Create an agent scan using the Basic Agent Scan template, as described in Create a Scan.
- Launch your first Nessus scan and agent scan, as described in Launch a Scan.
Confirm your Nessus scan and agent scan completed, accessing all targeted areas of your network. Review your discovered assets to assess your knowledge of your network.
Additional Tenable.io Configurations
Configure other features, if necessary, and refine your existing configurations:
- Create user accounts and create user groups within your Tenable.io container.
- Create access groups to manage view and scan permissions for assets and targets.
Configure tags to organize, group, and control access to assets.
- Set up asset discovery with connectors, Professional Services integrations, or integrated products. For more information, see Connectors, the Custom Integration Services page, or the Integration Guides section of the Tenable.io Documentation page.
Configure managed credentials, scan-specific credentials, or policy-specific credentials for a Nessus scan, as described in Credentials. For more information about configuring and troubleshooting credentialed scans, see Nessus Credentialed Checks.
Launch your credentialed Nessus scan and credentialed agent scan, as described in Launch a Scan.
- Confirm your credentialed scan completed, accessing all targeted areas of your network.
If you want to assess your exposure, obtain a Tenable Lumin license.
If you want to perform web application scanning, obtain a Tenable.io Web Application Scanning license.
If you want to evaluate risk on your containers, obtain a Container Security license.
Configure user Access Control to control what objects users can and cannot view and interact with within Tenable.io.
To review and analyze your data further, you can:
- View your scans and individual scan details.
- View and analyze your vulnerability and asset findings via the Findings and Assets pages.
- Create a dashboard to gain immediate insight and quickly analyze vulnerabilities in your network. Use interactive widgets and customizable tables to explore your data.
- Filter your dashboards, assets, and findings to drill into data and investigate your progress.
- Create recast or accept rules to recast or accept vulnerabilities discovered by scans.
Create a report to share scan and vulnerability information with others in your organization.
Tenable recommends the following as best practices to keep up to date with your deployment plan and analysis workflow:
- Conduct weekly meetings to review your organization's responses to identified vulnerabilities. Conduct weekly management meetings to oversee your teams executing the analysis workflow.
- Review your scan results and scan coverage. You may need to modify your scan configurations to suit your organization's objectives and reach all areas of your network.
- Consider API integrations, as described in the Tenable.io API Documentation.