Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Web Application Scanning On-Prem Now Available

Earlier this year, we introduced Tenable.io on-prem, an on-prem deployment option for our Cyber Exposure platform. While Tenable.io is first and foremost a cloud-delivered platform, Tenable.io on-prem is the right platform for organizations who have strict requirements to keep their security and compliance data locally within their organization’s boundary.

Customer choice and flexibility are important to us, which is why we’ve worked hard to ensure that our on-prem customers get many of the same great capabilities that our cloud customers have come to love. This includes: Nessus sensors for active and agent-based scanning and passive network monitoring, an API and SDK for those who want to automate the sharing of Tenable.io capabilities and vulnerability data, the same user-friendly UI and now Web Application Scanning.

We’re very excited to launch Web Application Scanning on-prem and meet this critical need for our on-prem customers. Web Application Scanning on-prem works with Tenable.io on-prem and ensures on-prem scanning of web applications, allowing data to be kept locally, on a customer’s premises.

Why do you need Web App Scanning?

Why do you need Web App Scanning? Well, it’s no secret that lack of web application security can kill companies. Take Equifax, for example. We’re all familiar with this breach. And many of us were affected by it. It originated from unpatched vulnerabilities in the Apache Struts web application.

The reality is Equifax isn’t alone in their poor cyber hygiene: the average time it takes to remediate high-risk and critical web application vulnerabilities is measured in months, not days or even weeks. Taking it a step further, the amount of vulnerabilities in web applications is staggering, with TechRepublic reporting that 99.7% of web apps have at least one vulnerability.

And organizations often have hundreds – or thousands – of web applications. The sheer prevalence of vulnerabilities makes this attack vector attractive to adversaries. And the potential impact web app attacks could have on your company makes this blind spot an essential one to secure. We can help.

Tenable Web App Scanning is available in the cloud or on-prem. Benefits include:

  • Comprehensive vulnerability scanning for modern web applications
  • Accurate vulnerability coverage to minimize false positives and negatives
  • Safe scanning with the capability to define parts of critical web applications that are safe to scan and define other parts that should never be scanned, to prevent performance latency and disruptions
  • Highly automated scans with the capability to easily define frequency and timing parameters for continuous testing
  • Unified view of all your vulnerabilities in one place to eliminate gaps and inconsistencies that come with managing multiple, siloed solutions
  • Complete understanding of the sitemap and layout of your web apps to see and assess your web apps globally
  • Flexible deployment: Available in the cloud or on-prem for organizations that need the ability to keep web application scanning data locally

Learn more about Web Application Scanning

Subscribe to the Tenable Blog

Try for Free Buy Now

Try Tenable.io Vulnerability Management


Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free


Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.