Basic Settings in Tenable Web App Scanning Scans
Configure settings to specify basic organizational and security-related aspects of your scan configuration. This includes specifying the name of the scan,
You can configure settings when you create a scan or user-defined scan template and select any scan type. For more information, see Scan Templates.
Tip: If you want to save your settings configurations and apply them to other scans, you can create and configure a user-defined scan template.
The Basic settings include the following sections:
The general settings for a scan.
|Name||none||Specifies the name of the scan or template.||Yes|
|Description||none||Specifies a description of the scan or template.||No|
|Folder||My Scans||Specifies the folder where the scan appears after being saved.||Yes|
|Scanner Type||Internal Scanner||Specifies whether a local, internal scanner or a cloud-managed scanner performs the scan, and determines whether the Scanner field lists local or cloud-managed scanners to choose from.||Yes|
|Scanner||varies||Specifies the scanner that performs the scan.||Yes|
Specifies the URL for the target you want to scan, as it appears on your Tenable Web App Scanning license. Regular expressions and wildcards are not allowed. Targets must start with the http:// or https:// protocol identifier.
The Import from file link opens a file manager window. You can import a target list in TXT format with one target per line. The file must be 1MB or smaller, and each line must be shorter than 4096 characters. After you add targets, you can search and delete targets from the list. You cannot modify targets inline.
Tip: If you upload a new target list, it replaces any existing targets in the scan. If you have multiple target lists, consolidate them in one file before you upload them to Tenable Web App Scanning.
You can add up to 1000 targets to a scan, with the exception of scans that include API targets. API scans support only one target at a time.
Note: If the URL you type in the Target box has a different FQDN host from the URL that appears on your license, and your scan runs successfully, the new URL you type counts as an additional asset on your license.
Note: If you create a user-defined scan template, the target setting is not saved to the template. Type a target each time you create a new scan.
The schedule settings for the scan.
Note: If you create a user-defined scan template, your schedule settings are not saved to the scan template. You must configure the schedule settings each time you create a new scan.
A toggle that specifies whether the scan is scheduled. By default, scans are not scheduled.
When the Schedule toggle is disabled, the other schedule settings remain hidden.
Click the toggle to enable the schedule and view the remaining Schedule settings.
Specifies how often the scan is launched.
Note: The frequency with which you scan your target
Specifies the exact date and time at which a scan launches.
Note: If you schedule an excessive number of scans to run concurrently, you may exhaust the scanning capacity on Tenable Web App Scanning. If necessary, Tenable Web App Scanning staggers concurrent scans to ensure consistent scanning performance.
The starting date defaults to the date you create the scan. The starting time is the next hour interval, displayed in 24-hour clock format. For example, if you create your scan on October 31, 2019 at 9:12 PM, the default starting date and time is 10/31/2019 and 22:00.
The time zone of the value set for Starts.
The notification settings for a scan.
The following feature is not supported in Tenable Vulnerability Management Federal Risk and Authorization Management Program (FedRAMP) environments. For more information, see the FedRAMP Product Offering.
|Email Recipient(s)||None||Specifies zero or more email addresses, separated by commas, whitespace, or new lines, that are alerted when a scan completes and the results are available.|
Share the scan or user-defined scan template with other users by setting permissions for users. For more information on adding or editing user permissions, see Set Scan Permissions.
|No Access||(Default) Users set to this permission cannot interact with the scan in any way.|
|Can View||Users set to this permission can view the results of the scan.|
|Can Control||In addition to the tasks allowed by Can View, users with this permission can launch and stop a scan. They cannot view or edit the scan configuration or delete the scan.|
|Can Configure||In addition to the tasks allowed by Can Control, users with this permission can view the scan configuration and modify any setting for the scan except scan ownership. They can also delete the scan.|
|Scan Results||Show in dashboard||Specifies whether the results of the scan should be kept private or should appear on users' dashboards. When set to Keep private, users must access the scan directly to view the results.|