Discovered Application Details

Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator

On the Discovered Applications page, you can click an application to view basic details about the application. You can view more details about the application on the Application Details page. On the Application Details page you can view tables with details for each application and new widgets may appear in the left pane of your user interface. The following tables describe the information that appears in each asset details view:

The Application Details page shows the following details about the web application asset.

Section Description
Header

The header row, which includes:

  • Discovered Application — The discovered application name. Tenable Web App Scanning assigns this identifier based on the presence of certain application attributes in the following order:

    • Agent Name (if agent-scanned)

    • NetBIOS Name
    • FQDN
    • IPv6 address
    • IPv4 address

      • For example, if scans identify a NetBIOS name and an IPv4 address for an application, the NetBIOS name appears as the application name.

  • Actions — An menu button that allows you to perform the following actions on an application:
Asset Exposure Score (Requires Tenable Lumin license) A descriptive icon indicating The Asset Exposure Score (AES) calculated for the asset.
Asset Criticality Rating (Requires Tenable Lumin license) A descriptive icon indicating The asset's ACR.
IPv4 Address The first IPv4 address for the application. If there is no IPv4 address, then the first IPv6 for the application.
Operating System The operating system that a scan identified as installed on the application.
Discovered The date and time the application was discovered.
Last Scanned The date and time the application was last scanned.
Application ID The UUID of the application.
Licensed Specifies whether the asset is included in the asset count for the Tenable Web App Scanning instance.
Public Specifies whether the asset is available on a public network. A public asset is within the public IP space and identified by the is_public attribute in the Tenable Web App Scanning query namespace.
Source

Can be Web Application or ASM.

Note: The Attack Surface Management (ASM) source is only available to users with the ASM integration with Tenable Web App Scanning. For more information, refer to the Tenable Attack Surface Management user guide.
Tags Application tags, entered in pairs of category and value (for example Network: Headquarters). This includes the space after the colon (:). If there is a comma in the tag name, insert a backslash (\) before the comma. If your tag name includes double quotation marks (" "), use the UUID instead. You can add a maximum of 100 tags.
Screenshot Screenshot of the discovered application.

Technologies

The Technologies widget may appear in the left pane of your Tenable Web App Scanning interface after clicking on an individual scanned application that contains a technology. This widget indicates the number of technologies (plugins) found in that application. The following table shows the available parameters for each technology listed.

Section Description
Name

The application identifier that Tenable Web App Scanning assigns based on the presence of certain application attributes in the following order:

  1. Agent Name (if agent-scanned)

  2. NetBIOS Name

  3. FQDN

  4. IPv6 address

  5. IPv4 address

For example, if scans identify a NetBIOS name and an IPv4 address for an application, the NetBIOS name appears as the application Name.
CPE

The Common Platform Enumeration (CPE) numbers for vulnerabilities that the plugin identifies.

(200 value limit)
Version

The version of the technology found in the application
Last Detected

The date and time of the scan that last identified the technology on the application.