Scanned Applications

Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the Applications page, you can drill down to view only your Scanned applications. While on the Scanned applications tab, you can also export your scanned application assets. For more information, see Export Applications.

To view your scanned applications:

  1. In the left navigation plane, click on Applications.

    The Applications page appears. By default, the Scanned tab is visible and applications visualizations are shown.

  2. In the scanned applications table, you can perform any, or all, of the following actions by clicking the button:

You can view basic information about your scanned applications in the following table.

Filter Description
ACR (Requires Tenable Lumin license)The asset's ACR.
AES (Requires Tenable Lumin license)(Requires Tenable Lumin license) The AES category of the AES calculated for the asset.
Application ID The UUID of the asset where a scan detected the finding. This value is unique to Tenable Web App Scanning.
Created Date

The time and date when Tenable Vulnerability Management created the asset record.

First Seen

The date when a scan first found the vulnerability on an application.

IPv4 Address The IPv4 address for the affected asset. You can add up to 256 IP addresses to this filter.
Last Authenticated Scan

The date and time of the last authenticated scan run against the asset. An authenticated scan that only uses discovery plugins updates the Last Authenticated Scan field, but not the Last Licensed Scan field.

Last Licensed Scan

The time and date of the last scan that identified the asset as licensed. For more information about licensed assets, see License Information.

Last Scanned

The date and time at which the asset was last observed as part of a scan.

Last Seen

The date when a scan last found the vulnerability on an asset.

Licensed

Specifies whether the asset is included in the asset count for the Tenable Web App Scanning instance.

Name

The asset identifier that Tenable Web App Scanning assigns based on the presence of certain asset attributes in the following order:

  1. Agent Name (if agent-scanned)

  2. NetBIOS Name

  3. FQDN

  4. IPv6 address

  5. IPv4 address

For example, if scans identify a NetBIOS name and an IPv4 address for an asset, the NetBIOS name appears as the Asset Name.

Operating System The operating system that a scan identified as installed on the asset.
Source

The source of the scan that identified the asset. Possible values are:

  • Agent (Tenable Nessus Agent)
  • Nessus (Tenable Nessus scan)
  • PVS/NNM (Tenable Nessus Network Monitor)
  • WAS (Tenable Web App Scanning)
  • AWS Connector
  • Azure Connector
  • GCP Connector
  • Qualys Connector
SSL/TLS Specifies whether the application on which the asset is hosted uses SSL/TLS public-key encryption.
Tags

Asset tags, entered in pairs of category and value (for example Network: Headquarters). This includes the space after the colon (:). If there is a comma in the tag name, insert a backslash (\) before the comma. If your tag name includes double quotation marks (" "), use the UUID instead. You can add a maximum of 100 tags.

For more information, see Tags.

Updated Date

The time and date when a user last updated the asset.

Vulnerabilities The number of vulnerabilities found on the scanned application.

What to do next: