Create a Report

Required Tenable Vulnerability Management User Role: Scan Operator, Standard, Scan Manager, or Administrator

To create a new report:

  1. In the left navigation, click Reports.

    The Reports page appears.

  2. In the upper-right corner, click Create New Report.

    The Report Templates page appears, with reports organized by category.

    Category Description
    Center for Internet Security (CIS) CIS Benchmarks are best practices for the secure configuration of a target system. Be sure to use the proper audit file for scans. For example: CIS PostgreSQL 12 v1.1.0 Audit Details, CIS Debian 8 v2.0.2 Audit Details, CIS Amazon Web Services Three-tier Web Architecture v1.0.0 Audit Details, and so on.
    Defense Information Systems Agency (DISA) The Defense Information Systems Agency (DISA) is a United States Department of Defense combat support agency composed of military, federal civilians, and contractors. Security Technical Implementation Guides (STIG) is a configuration standard that consists of cybersecurity requirements for a specific product. Be sure to use the proper audit file for scans.
    Compliance Framework

    Tenable allows you to audit configuration compliance with a variety of standards including GDPR, ISO 27000, HIPAA, NIST 800-53, PCI DSS, and so on. These reports provide summary and detailed information for all the supported frameworks. Be sure to use the proper audit file for scans.

    Host Audit Plugin Type Organizations such as CIS, DISA, and some vendors create golden configurations standards, known as benchmarks. Tenable creates audit files that perform a detailed configuration review. Scanning the assets with the Host Audit Compliance Check plugins allows you to do detailed configuration checks. These reports provide summary and detailed information for all the Host Audit Compliance Check plugins.
    Tenable Best Practice Audits Allows you to implement best practice audits for new technologies. Make sure that the proper audit file is used for scans.
    Vendor Based Audits Allows you to implement vendor-specific guidance for new technologies. Vendors include: Vendor, IBM, Juniper, Microsoft, NetApp, VMware and others. Be sure to use the proper audit file for scans.
    Vulnerability Management Tenable Vulnerability Management provides the most comprehensive vulnerability coverage with real-time continuous assessment of the organization. These built-in reports allow organizations to communicate risk based on prioritization, threat intelligence and real-time insights to proactively prioritize remediation actions. These reports provide summary and detailed information data collected using Tenable Vulnerability Management applications such as Tenable Nessus.
    Web App Scanning Web application security provides the ability to detect and mitigate threats and vulnerabilities that may compromise the confidentiality, integrity, and availability of web applications. These reports leverage data from Tenable Web App Scanning, a comprehensive and automated vulnerability scanning tool for modern web applications.

  3. In the list that appears, select a template.

  4. Click Generate Report.

    The Report Details page appears.

  5. On the Report Details page, do the following:

    • In the Name box, type a name for the report.

    • (Optional) In the Description box, type a description.

    • In the Executive Summary section, select from the available widgets or click Add New Widget and select a widget from the Widget Library.

    • In the Additional Chapters section, select from the available chapters or click Add New Chapter to select one from the Chapter Library.

    • (Optional) Add a filter to the reports. For more information, see Filter Reports.

    • (Optional) Update the report logo. For more information, see Report Settings.

  6. Click Save.

    Tenable Vulnerability Management creates a new report and it appears on the My Report Templates page.

Tip: Once created, you can generate an initial report and download a copy. For more information, see Generate Reports.