Add an Active Scan

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

For more information about active scan options, see Active Scan Settings.

Before you begin:

  • Confirm you are running Nessus 6.3.6 or later.
  • Confirm you understand the complete scanning configuration process, as described in Active Scans.

To add an active scan:

  1. Log in to Tenable.sc via the user interface.

  2. Click Scans > Active Scans.

    The Active Scans page appears.

  3. Click Add.

    The Add Active Scan page appears.

  4. Click General.
  5. Type a Name for the scan.
  6. (Optional) Type a Description for the scan.
  7. Select a Policy for the scan.
  8. (Optional) If you want to schedule the scan to run automatically, select a Schedule for the scan.
  9. Click Settings.

    The Settings tab appears.

  10. If prompted, select a preconfigured Scan Zone for the scan.
  11. Select an Import Repository for the scan.
  12. Select a Scan Timeout Action for the scan.
  13. Select a Rollover Schedule for the scan.
  14. Enable or disable the Advanced options.
  15. Click Targets.

    The Targets tab appears.

  16. Select a Target Type for the scan.

  17. Select one or more Assets and IPs / DNS Names for the scan.
  18. (Optional) To configure credentialed scanning, do the following:

    1. Click Credentials.

      The Credentials tab appears.

    2. Click Add Credential.

    3. In the drop-down boxes, select a credential type and a preconfigured credential.
    4. Click the check mark to save your selection.

  19. (Optional) If you want to configure multiple credentials for the active scan, repeat step 19.

    Note: When running an active scan, Tenable.sc attempts authentication using the newest credentials added by an Administrator user. If the newest Administrator-added credentials do not match, Tenable.sc attempts authentication with older Administrator-added credentials.

    Then, if no Administrator-added credentials match, Tenable.sc attempts to authenticate using the newest credentials added by an organizational user. If the newest organizational user-added credentials do not match, Tenable.sc attempts authentication with older organizational user-added credentials.

    If no credentials match, the scan runs without credentialed access.

  20. (Optional) To configure post-scan options, do the following: 
    1. Click Post Scan.

      The Post Scan tab appears.

    2. If you previously added an email address to your account profile and you want to configure email notifications, enable or disable E-Mail Me on Launch or E-Mail Me on Completion.
    3. To configure automatic report generation, click Add Report.
    4. Select the report you want to run after the scan completes, as described in Add a Report to a Scan.
  21. Click Submit.

    Tenable.sc saves your configuration.