General Settings

Required User Role: Administrator

On the General page, you can configure general settings for your Tenable Vulnerability Management instance.

To access general settings:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Settings.

    The Settings page appears.

  3. Click the General tile.

    The General page appears. By default, the Severity tab is active.

Here, you can configure the following options:

By default, Tenable Vulnerability Management uses CVSSv2 scores to calculate severity for individual vulnerability instances. If you want Tenable Vulnerability Management to calculate the severity of vulnerabilities using CVSSv3 scores (when available), you can configure your severity metric setting.

Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

For information about severity and the ranges for CVSSv2 and CVSSv3, see CVSS vs. VPR.

Note: This setting does not affect the following:
  • Tenable Web App Scanning vulnerabilities.
  • Tenable Container Security vulnerabilities.
  • The calculations displayed in the SLA Progress: Vulnerability Age widget. To modify your SLA severity, navigate to the Service-Level Agreement (SLA) tab on the General page.

Caution: When changing your CVSS severity metric setting, the new setting is only reflected in new findings that come into your system. Any existing findings only reflect the previous severity setting (unless otherwise recasted). For more information on recast rules, see Recast/Accept Rules.

To configure your severity setting:

  1. On the Severity tab, select the metric that you want Tenable Vulnerability Management to use for severity calculations.

    • CVSSv2 — Use CVSSv2 scores for all severity calculations.

    • CVSSv3 — Use CVSSv3 scores, when available, for all severity calculations. Use CVSSv2 only if a CVSSv3 score is not available.

  2. Click Save.

  3. The system saves your change and begins calculating severity based on your selection.

    All vulnerabilities seen before the change retain their severity. After the change, all vulnerabilities seen during scans receive severities based on your new selection. Because of this, you could see two sightings of the same vulnerability have two different CVSS scores and severities.

    Tip: A vulnerability instance is a single instance of a vulnerability appearing on an asset, identified uniquely by plugin ID, port, and protocol.

You can configure Service Level Agreement (SLA) settings to modify how Tenable calculates your SLA data.

You can view this data in the SLA Progress: Vulnerability Age widget on the Vulnerability Management Overview dashboard. For more information, see Vulnerability Management Overview Dashboard.

To configure your SLA settings:

  1. Click the Service-Level Agreement (SLA) tab.

    The SLA options appear.

  2. Configure the following options:

    Option

    Default

    		 Description/Actions
    Vulnerability Age SLA

    • Critical 7 days

    • High 30 days

    • Medium 60 days

    • Low 180 days

    To modify the number of days included for each severity, type an integer in the box next to Critical, High, Medium, or Low.

    Override Vulnerability Severity Metric

    		 VPR

    Specifies whether Tenable uses VPR severity, CVSSv2 severity, or CVSSv3 severity to calculate SLA data.

    For more information about these metrics, see CVSS vs. VPR.

    Note: This option affects only the calculations displayed in the SLA Progress: Vulnerability Age widget. To modify the severity metric for all other areas of the product, navigate to the Severity tab on the General page.
    Vulnerability Age Metric First Seen Specifies whether Tenable uses First Seen or Published Date to calculate SLA data.

  3. Click Save.

    Tenable Vulnerability Management saves your SLA settings.

To configure your default export expiration:

When you create an export, you can set an expiration delay for the export file up to 30 calendar days, which is the maximum number of days that Tenable Vulnerability Management allows before your export files expire.

By default, any exports you create in Tenable Vulnerability Management have an expiration date of 30 days. If you want to decrease the number of days that Tenable Vulnerability Management allows before your export files expire, you can configure your default export expiration days.

  1. Click the Exports tab.

    The Export Expiration options appear.

  2. In the Default Expiration box, type the number of days you want to Tenable Vulnerability Management to allow before your exports expire.

    Note: Tenable Vulnerability Management allows you to set a maximum of 30 calender days for export expiration.

    Note: You must type the number of days as an integer between 1 and 30.

  3. Click Save.

    Tenable Vulnerability Management saves your settings and updates the number of allowable days before your exports expire.

Enabling plugin output data retention allows Tenable Vulnerability Management to store your plugin output data each time you launch a scan. You can then filter your vulnerability findings by a specific regular expression (regex) value in the plugin output. For more information, see Findings Filters.

Note: Tenable automatically disables this setting if it is unused for 35 days. Re-enable the setting to conduct a regex search on plugin output for all scans from that point onward. Only use this setting if you need to perform regular expression searches within the Explore user interface.

Once you have enabled plugin output data retention, you must launch a scan so that Tenable Vulnerability Management can identify and store your plugin output data.

Caution: You cannot disable plugin output data retention once you have enabled it.

To enable plugin output data retention:

  1. In the left navigation plane, click the Search tab.

    The search options appear.

  2. Click the Enable Regex Search on Plugin Output toggle.

  3. Click Save.

    Tenable Vulnerability Management enables plugin output data retention on your account.

What to do next:

You can enable or disable Tenable Vulnerability Management from processing the following Info-level plugins with the Process High Traffic Info Plugins setting in the Scanning General settings section.

  • 34220 - Netstat Portscanner (WMI)

  • 34252 - Microsoft Windows Remote Listeners Enumeration (WMI)

  • 11219 - Nessus SYN Scanner

  • 14272 - Netstat Portscanner (SSH)

  • 25221 - Remote listeners enumeration (Linux / AIX)

  • 10736 - DCE Services Enumeration

  • 99265 - macOS Remote Listeners Enumeration

  • 10335 - Nessus TCP scanner

  • 14274 - Nessus SNMP Scanner

  • 34277 - Nessus UDP Scanner

Tip: For more information about the plugins, search for them on the Tenable Plugins site.

Disabling the setting can improve export performance and end-to-end processing times per scan. Enabling the setting may significantly increase the time it takes Tenable Vulnerability Management to generate and export scan results.

Note: To learn more about the purpose and benefits of the Process High Traffic Info Plugins setting, see Platform Performance Improvement FAQ - Info Plugins.