Launch a Remediation Scan

Required User Role: Organizational user with appropriate permissions. For more information, see User Roles.

You can run a remediation scan as a follow-up active scan against existing active scan results. A remediation scan evaluates a specific plugin against a specific target or targets where the related vulnerability was present in your earlier active scan.

Remediation scans allow you to validate whether your vulnerability remediation actions on the targets have been successful. If a remediation scan cannot identify a vulnerability on targets where it was previously identified, the system changes the status of the vulnerability to mitigated. For more information, see Cumulative vs. Mitigated Vulnerabilities.

Note the following:

  • You can perform remediation scans only for active scan results.

  • You cannot perform remediation scans for agent repository scan results.

  • If the selected plugin requires dependent plugins, the system automatically includes those plugins in the remediation scan.

  • Remediation scans only evaluate plugins against the port you specify. Keep this in mind when launching a remediation scan for a plugin that typically targets multiple ports.

  • Remediation scans work best for un-credentialed network scan results. Use caution when running a remediation scan for a plugin that requires scan credentials. If you omit scan credentials that a plugin requires, or enter them incorrectly, the system may identify the related vulnerabilities as mitigated, not because they are mitigated, but because the system could not complete the credentialed scan.
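
The port and credential caveats above can be checked before you trust a mitigated status. The following Python sketch is an added example, not Tenable code or a Tenable API: the record fields, plugin IDs, and addresses are constructed assumptions standing in for your own export of prior findings and a log of the remediation scans you launched.

```python
from collections import defaultdict

# Constructed sample data; field names are assumptions, not a Tenable export schema.
PRIOR_FINDINGS = [
    {"plugin_id": 900001, "ip": "192.0.2.10", "port": 443, "needs_credentials": False},
    {"plugin_id": 900001, "ip": "192.0.2.10", "port": 8443, "needs_credentials": False},
    {"plugin_id": 900002, "ip": "192.0.2.20", "port": 445, "needs_credentials": True},
    {"plugin_id": 900003, "ip": "192.0.2.30", "port": 22, "needs_credentials": False},
]
REMEDIATION_SCANS = [
    {"plugin_id": 900001, "ip": "192.0.2.10", "port": 443, "credentials_supplied": False},
    {"plugin_id": 900002, "ip": "192.0.2.20", "port": 445, "credentials_supplied": False},
    {"plugin_id": 900003, "ip": "192.0.2.30", "port": 22, "credentials_supplied": False},
]


def review_remediation_coverage(findings, scans):
    """For each (plugin, ip), list ports not yet re-scanned and flag results
    produced without credentials for a plugin that needs them."""
    found_ports = defaultdict(set)
    needs_creds = defaultdict(bool)
    for f in findings:
        key = (f["plugin_id"], f["ip"])
        found_ports[key].add(f["port"])
        needs_creds[key] |= f["needs_credentials"]

    scanned_ports = defaultdict(set)
    uncredentialed = set()
    for s in scans:
        key = (s["plugin_id"], s["ip"])
        scanned_ports[key].add(s["port"])
        # Only omission is detectable here; mistyped credentials are not.
        if not s["credentials_supplied"]:
            uncredentialed.add(key)

    report = {}
    for key, ports in found_ports.items():
        report[key] = {
            # A remediation scan evaluates only the port it was given.
            "unverified_ports": sorted(ports - scanned_ports[key]),
            # A mitigated result here may only mean the check could not run.
            "recheck_credentials": needs_creds[key] and key in uncredentialed,
        }
    return report


if __name__ == "__main__":
    for key, result in review_remediation_coverage(PRIOR_FINDINGS, REMEDIATION_SCANS).items():
        print(key, result)
```
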

To launch a remediation scan:

  1. Log in to Tenable Security Center via the user interface.

  2. Click Analysis > Vulnerabilities.

    The Vulnerabilities page appears.

  3. In the analysis tools drop-down box, select Vulnerability Summary.

    The page refreshes to show the analysis tool view you selected.

  4. Right-click the row for the vulnerability for which you want to launch a remediation scan and click Launch Remediation Scan.

    The Launch Remediation Scan page appears.

    Note: A remediation scan inherits certain settings from the vulnerability or vulnerability instance you selected. The Launch Remediation Scan page:

    • Automatically populates the relevant plugin information.

    • Provides an editable scan name in the format "Remediation Scan of Plugin # number".

    • Populates the target IP address based on the asset where the previous scan identified the vulnerability.

  5. Configure the settings for the scan, as described in Active Scan Settings.

    Note: You do not need to associate the remediation scan with a scan policy.

    Note: You cannot schedule a remediation scan. The scan launches as soon as you submit it.

  6. Click Submit.

    Tenable Security Center launches the remediation scan.