Scanned Application Details
Required Tenable Web App Scanning User Role: Basic, Scan Operator, Standard, Scan Manager, or Administrator
On the Scanned Applications page, you can click an application to view basic details about the application in the preview panel. You can view more details about the application on the Application Details page. On the Application Details page you can view tables with details for each application and new widgets may appear in the left pane of your user interface. The following tables describe the information that appears in each application details view:
The Application Details page shows the following details about the scanned application.
| Section | Description |
|---|---|
| Header |
The header row, which includes:
|
| ACR | (Requires Tenable Lumin license) A descriptive icon indicating The asset's ACR. |
| ACR (Beta) |
(Requires Tenable One or Tenable Lumin license) The Tenable-defined Asset-Criticality Rating using a new algorithm based on asset profile, which assigns assets to classes by business and device function. This metric rates the importance of an asset to your organization from 1 to 10, with higher numbers for more critical assets. For more information, see Scoring and Asset Criticality Rating. |
| ACR Severity | (Requires Tenable Lumin license)(Requires Tenable One or Tenable Lumin license) The ACR category of the ACR calculated for the asset. |
| AES | (Requires Tenable Lumin license) A descriptive icon indicating The Asset Exposure Score (AES) calculated for the asset. |
| AES (Beta) |
(Requires Tenable One or Tenable Lumin license) The Tenable-defined Asset Exposure Score using a new algorithm. This metric weighs an asset's Vulnerability Priority Rating (VPR) and Asset Criticality Rating (ACR) and then assigns a number from 1 to 1000, with higher numbers for more exposed assets. For more information, see Scoring (Beta). |
| AES Severity | (Requires Tenable Lumin license)(Requires Tenable Lumin license) The AES category of the AES calculated for the asset. |
| IPv4 Address | The first IPv4 address for the application. If there is no IPv4 address, then the first IPv6 for the application. |
| Operating System | The operating system that a scan identified as installed on the application. |
| Discovered | The date and time the application was discovered. |
| Last Scanned | The date and time the application was last scanned. |
| Application ID | The UUID of the application. |
| Licensed | Specifies whether the asset is included in the asset count for the Tenable Web App Scanning instance. |
| Public | Specifies whether the asset is available on a public network. A public asset is within the public IP space and identified by the is_public attribute in the Tenable Web App Scanning query namespace. |
| Source | Can be Web Application |
| Screenshot | Screenshot of the scanned application. |
The Technologies widget may appear in the left pane of your Tenable Web App Scanning interface after clicking on an individual scanned application that contains a technology. This widget indicates the number of technologies(plugins) found in that application. The following table shows the available parameters for each technology listed.
| Section | Description |
|---|---|
| Name |
The application identifier that Tenable Web App Scanning assigns based on the presence of certain application attributes in the following order:
For example, if scans identify a NetBIOS name and an IPv4 address for an application, the NetBIOS name appears as the application Name. |
| CPE |
The Common Platform Enumeration (CPE) numbers for vulnerabilities that the plugin identifies. (200 value limit) |
| Version |
The version of the technology found in the application |
| Last Detected |
The date and time of the scan that last identified the technology on the application. |
The Findings widget may appear in the left pane of your Tenable Web App Scanning interface after clicking on an individual scanned application that contains findings. A finding is a single instance of a vulnerability appearing on an application, identified uniquely by plugin ID, port, and protocol. This widget provides insight into your organization's vulnerability findings, and the applications on which Tenable Web App Scanning identified the finding. For more information, refer to Findings.