Basic Settings in WAS Scans

Configure settings to specify basic organizational and security-related aspects of your scan configuration. This includes specifying the name of the scan, its target, whether the scan is scheduled, and who has access to the scan.

You can configure settings when you create a scan or user-defined scan template and select any scan type. For more information, see Scan Templates.

Tip: If you want to save your settings configurations and apply them to other scans, you can create and configure a user-defined scan template.

The Basic settings include the following sections:

General

The general settings for a scan.

Setting Default Value Description Required
Name none Specifies the name of the scan or template. Yes
Description none Specifies a description of the scan or template. No
Target none

Specifies the URL for the target you want to scan, as it appears on your Tenable.io Web Application Scanning license. Regular expressions and wildcards are not allowed.

Note: If the URL you type in the Target box has a different FQDN host from the URL that appears on your license, and your scan runs successfully, the new URL you type counts as an additional asset on your license.

Note: If you create a user-defined scan template, the target setting is not saved to the template. You must type a target each time you create a new scan.

Yes
Folder My Scans Specifies the folder where the scan appears after being saved. Yes
Scanner varies Specifies the scanner that performs the scan. Yes

Schedule

The schedule settings for the scan.

Note: If you create a user-defined scan template, your schedule settings are not saved to the scan template. You must configure the schedule settings each time you create a new scan.

Setting

Default

Description

Schedule

off

A toggle that specifies whether the scan is scheduled. By default, scans are not scheduled.

When the Schedule toggle is disabled, the other schedule settings remain hidden.

Click the toggle to enable the schedule and view the remaining Schedule settings.

Frequency

Once

Specifies how often the scan is launched.

Note: The frequency with which you scan your target depends on several factors (e.g., how often you update your web application, the content your web application contains, etc.). For most web applications, Tenable recommends at least monthly scans.

  • Once: Schedule the scan at a specific time.
  • Daily: Schedule the scan to occur on a daily basis, at a specific time, up to 20 days.
  • Weekly: Schedule the scan to occur on a recurring basis, by time and day of week, up to 20 weeks.
  • Monthly: Schedule the scan to occur every month, by time and day of month or week of month, up to 20 months.
  • Yearly: Schedule the scan to occur every year, by time and day, up to 20 years.

Starts

varies

Specifies the exact date and time at which a scan launches.

Note: If you schedule an excessive number of scans to run concurrently, you may exhaust the scanning capacity on Tenable.io Web Application Scanning. If necessary, Tenable.io Web Application Scanning staggers concurrent scans to ensure consistent scanning performance.

The starting date defaults to the date you create the scan. The starting time is the next hour interval, displayed in 24-hour clock format. For example, if you create your scan on October 31, 2019 at 9:12 PM, the default starting date and time is 10/31/2019 and 22:00.

Timezone

varies

The time zone of the value set for Starts.

Notifications

The notification settings for a scan.

Setting Default Value Description
Email Recipient(s) None Specifies zero or more email addresses, separated by commas, whitespace, or new lines, that are alerted when a scan completes and the results are available.

User Permissions

Share the scan or user-defined scan template with other users by setting permissions for users. For more information on adding or editing user permissions, see Set WAS Scan Permissions.

Permission Description
No Access (Default) Users set to this permission cannot interact with the scan in any way.
Can View Users set to this permission can view the results of the scan.
Can Control In addition to the tasks allowed by Can View, users with this permission can launch and stop a scan. They cannot view or edit the scan configuration or delete the scan.
Can Configure In addition to the tasks allowed by Can Control, users with this permission can view the scan configuration and modify any setting for the scan except scan ownership. They can also delete the scan.

Data Sharing

Setting Default Value Description
Scan Results Show in dashboard Specifies whether the results of the scan should be kept private or should appear on users' dashboards. When set to Keep private, users must access the scan directly to view the results.