Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Scan Summary Report

by Cody Dumont
February 24, 2015

As a part of many security compliance programs, internal security assessments are required which include vulnerability scanning on the network. Many compliance standards also require an organization to provide evidence of scanning activities. This report provides a summary of scan activity and the attributes used during the scan. The Nessus vulnerability scanner is a fast and diverse tool that helps organizations of all sizes audit their assets for security vulnerabilities. 

The report is available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The report can be easily located in the Tenable.sc Feed under the category Discovery & Detection. The report requirements are:

  • Tenable.sc 4.8.2
  • Nessus 8.4.0

Nessus features high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, and vulnerability analysis of security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. Nessus stays current through automatic updates that pull the latest vulnerability checks directly from Tenable.

This report provides a summary view of active scanning within the network. The report includes a chapter that provides a high level view of how active scans are conducted and the parameters that are configured. The next chapter provides a summary of the vulnerabilities and the compliance status. The last two chapters provide the scan configuration details grouped according to the dates the plugins were updated from the feed. This allows the analyst to determine if scanners are scanning the network with up to date information. For the systems with out of date plugins, detailed information is provided to aid the troubleshooting process.

Organizations that use Tenable.sc or Tenable.sc Continuous View (CV) have added features over Nessus users. With Tenable.sc, organizations have an unlimited number of Nessus Vulnerability Scanners, thus allowing for full coverage of the network. Tenable.sc CV also allows the organization to monitor using active, passive, and event based vulnerability detections, thus simplifying security operations and streamlining compliance.

Chapters

Executive Summary - This chapter contains a summary of the scans completed and the scan parameters. The plugin ID 19506 provides information about a scan including the version of the scan, the amount of time it took to complete the scan, if a credentialed scan took place, and more. Knowing about the various Nessus scanner options or features can be a great benefit in producing more accurate and faster vulnerability scans. This chapter provides data on Nessus Scan Time, Web Apps Test, Nessus Scanner Version, Nessus Port Scanner Types, Nessus Scan Options Status, and Credential Checks. Additionally, a table shows systems encountering an error during a scan. Refer to the Nessus product documentation for more information about Nessus scans.

Vulnerability Summary - This chapter contains a series of tables showing the vulnerability, compliance, and remediation count over the past 12 months. Each table shows a specific data set, with a count for the previous 25 days, 90 days, 180 days and 365 days. The data in this chapter allows security managers to gain an understanding of the vulnerabilities over the course of 12 months.

Plugin Feed by Day of Month - This chapter contains the scan results details from devices scanned with Nessus scanners that were updated from the feed on specific days of the month. The date ranges from the 1st to the 31st. The chapter begins with a summary matrix, providing indicators for the specific dates the plugins were updated from the feed. The following sections (1st – 31st) contain a scan summary chapter with IP, FQDN, and MAC address of the devices that were scanned, followed by the scan details of the completed scans. 

Plugin Feed by Month - This chapter contains the scan result details from devices scanned with Nessus scanners that were updated during a specific month. The chapter begins with a summary matrix, providing indicators for the specific dates the plugins were updated from the feed. The following sections (January to December) contain a scan summary chapter with IPs, FQDNs, and MAC addresses of the devices that were scanned, followed by the scan details of the completed scans.

 

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.