4 Replies Latest reply: Sep 20, 2017 7:39 PM by selman.jon@cryolife.com RSS

New to Tenable

rkrick Novice

I seem to be missing a step somewhere in my process. I am running a scan against all of our pc's. I get the monthly scan report and I work with our desktop support team to have them patch the listed vulnerabilities. The desktop support person with then launch a remediation scan for each vulnerability listed and we can both see that when you switch to the mitigated view that they have been fixed. The missing step I cant seem to figure out is when I run the report again it is still showing the previous vulnerabilities.

 

How do I get the mitigated ones to not show on my report?

Do I need to created a different report?

What information do you need to know?

  • Re: New to Tenable
    cezar Apprentice

    In the scan definition, in the "Post Scan" add the name of the report you'd like to be updated with new data.

     

    Cezar

    • Re: New to Tenable
      rkrick Novice

      I am sorry in advance but things with tenable were not explained very well when I took this over. Is that in the report section or in the active scan section? I found in my active scans section in my pc scan there is an option for post scan and it shows  "reports to run after scan completes".  I have my pc report selected.

       

      I still feel like a step was not relayed to me,  so please bear with me. My support person logs into tenable and goes to Scans - Scan Results. They open the scan for the pc's and review the vulnerabilities. They would then fix the issues and then would click on launch remediation scan. After they go through the list I then go into the scan results and select the scan and I switch the view to mitigated and they no longer up.

       

      What should be the next step be?

      • Re: New to Tenable
        rkrick Novice

        This is where i am running into my problem, Do i need to run the whole scan again or is there a way to re scan against just the scan that had vulnerabilities list? or is this done through the report?

        • Re: New to Tenable
          selman.jon@cryolife.com Novice

          I'm new to Tenable as well and am also interested in an answer on this. I can see it as being something I'll definitely encounter in the near future.

           

          In this situation, though, I would expect you'd have to re-run the scan, at least on the vulnerable hosts, in order to acquire a report reflecting the newly patched state. Who knows...