Saved Queries

In Tenable Vulnerability Management, you can build custom queries with the Query Builder and save them to reuse or share. In the user interface, this feature is called Saved Queries.

You can access the Saved Queries menu to the left of the search/query bar within the Tenable Vulnerability Management user interface.

Additionally, when viewing your Saved Queries, you can view Tenable Queries which highlight common key performance indicators (KPIs).

Tenable Queries

Asset Tenable Queries

Findings Tenable Queries

External Assets (ASM) — Assets or domains discovered by Tenable Attack Surface Management, integrated with the steps described in Manage Integrations in the Tenable Attack Surface Management User Guide. This filter does not appear for Domain Inventory assets.

AI Inventory — AI-related Vulnerabilities and Web Application findings identified by Tenable's plugins.

Network Devices — Assets identified as a networking devices, including routers, switches, firewalls and SSL gateways. This filter does not appear for Domain Inventory, Cloud Resource, or Web Application assets.

CISA Known Exploitable — Vulnerabilities that appear in the CISA Known Exploited Vulnerabilities Catalog.

Emerging Threats — Vulnerabilities being actively monitored by Tenable in three areas:

  • Vulnerabilities Being Monitored — Publicly discussed, but no exploit or proof of concept has been disclosed.

  • Vulnerabilities of Interest — Publicly discussed and have a proof of concept that could lead to widespread use by attackers.

  • Vulnerabilities of Concern — Widely discussed and large-scale abuse by attackers is being observed.

In the News — Vulnerabilities being widely reported in the press with notable coverage over the past 30 days.

Persistently Exploited — Vulnerabilities being leveraged by threat actors over an extended period of time in targeted attacks, ransomware, or malware campaigns. These vulnerabilities are curated by the Tenable Research team.

Ransomware — Vulnerabilities used in current or historical ransomware attacks, as determined from evidence gathered by the Tenable Research team.

Recently Exploited — Vulnerabilities with notable coverage in the press over the past 30 days, and for which Tenable has evidence of active exploitation.

Top 50 VPR — The top 50 vulnerabilities by Vulnerability Priority Rating (VPR).

Manage Queries

You can manage your queries in the following ways:

To save a query:

  1. In a query box, use the Query Builder to refine results.

  2. To the left of the query box, click Saved Queries.

    A drop-down appears.

  3. Click Save As New Query.

  4. In New Query Name, type a name and click the button.

You can set any query to be your default query when navigating to the Tenable Vulnerability Management page.

To set a default query:

  1. To the left of a query box, click Saved Queries.

    A drop-down appears.

  2. To the right of the query, click the button.

    Tenable Vulnerability Management saves the query as your default, and applies it to the page automatically.

To run a saved query:

  1. To the left of a query box, click Saved Queries.

    A drop-down appears.

  2. In the drop-down, click a query to run it.

To share a saved query:

  1. To the left of a query box, click Saved Queries.

    A drop-down appears.

  2. To the right of the query to share, click the button.

  3. Paste the link to share the query.

Note: Any Tenable Vulnerability Management user can run a shared query, but the assets they can view are based on permissions. To learn more, see Access Control.

To edit a saved query:

  1. To the left of a query box, click Saved Queries.

    A drop-down appears.

  2. In the drop-down, click the query to edit.

  3. Do one of the following:

    1. Click the button.

    2. Type a new name and click the button.

    1. In the filter box, update the query.

    2. To the left of the query box, click Saved Queries.

    3. In the drop-down that appears, click Save as New Query.

    4. Type a new name in the box and click the button.

To delete a saved query:

  1. To the left of a query box, click Saved Queries.

    A drop-down appears.

  2. Next to the query to delete, click the button.