Group Your Findings

Required Tenable Web App Scanning User Role:  Scan Operator, Standard, Scan Manager, or Administrator

On the Findings page, you can group your vulnerability findings by specific attributes.

Note: When using the Group By feature, you can only export up to five findings at one time.

To group your vulnerability findings:

  1. In the upper-left corner, click the Menu button.

    The left navigation plane appears.

  2. In the left navigation plane, click Findings.

    The Findings page appears, showing a table that lists your findings. By default, Group by None is active

  3. (Optional) To analyze web application vulnerability findings, click the Web Application Findings tab.

  4. Do one of the following:

    Note: To optimize performance, Tenable limits the number of filters you can apply to any Explore > Findings or Assets views (including Group By tables) to seven.

    1. At the top of the Web Application Findings table, next to Group By, click one of the following attributes by which to group your findings.

      Note: By default, the None group by setting is active, so your findings display ungrouped.

      • Asset — The unique name for the web application associated with the affected asset.

      • Plugin — The ID of the web application resource type (for example, a resource group or virtual machine).

      The web application findings table appears with your findings grouped by the selected attribute.

    2. (Optional) View the following details about your grouped findings.

      Note: The details that appear in the table vary based on the attribute you select to group your findings.

      Column Description
      Asset
      Asset Name

      The name of the asset where a scan detected the vulnerability. This value is unique to Tenable Vulnerability Management.

      Vulnerabilities A descriptive image that indicates vulnerability percentages by CVSS-based severity for each set of grouped findings. For more information, see CVSS vs. VPR.
      Critical The number of vulnerabilities with a critical CVSS-based severity rating on each set of grouped findings. For more information, see CVSS vs. VPR..
      High The number of vulnerabilities with a high CVSS-based severity rating on each set of grouped findings. For more information, see CVSS vs. VPR.
      Vuln Count The number of vulnerabilities that Tenable Vulnerability Management identified on each set of grouped findings.
      Last Seen The date and time when a scan last found the vulnerability on the asset.
      Actions The actions you can perform with each set of grouped findings.
      Plugin
      Severity The CVSS-based severity score identified on each set of grouped findings. For more information, see CVSS vs. VPR.
      Name

      The name of the plugin that identified the vulnerability.

      Family

      The family of the plugin that identified the vulnerability.
      CVSSv2 Base Score

      The CVSSv2 base score (intrinsic and fundamental characteristics of a vulnerability that are constant over time and user environments).

      Note: Based on your severity metric settings, this parameter may display CVSSv3 base scores. For more information, see General Settings.
      Plugin ID The ID of the plugin that identified the vulnerability.
      Asset Count The number of assets that Tenable Vulnerability Management identified on each set of grouped findings.
      Vuln Count The number of vulnerabilities that Tenable Vulnerability Management identified on each set of grouped findings.
      Actions The actions you can perform with each set of grouped findings.

  5. (Optional) Refine the table data. For more information, see Tables.

  6. (Optional) To group by another attribute, next to Group By, click another attribute.

    The table shows your findings grouped by the new attribute.

  7. (Optional) To remove grouping, next to Group By, click None.

    The table shows your findings without grouping.