Tenable findings in Asset Manager
Findings are imported from Tenable into Asset Manager. These are the results of vulnerabilities, exposures, or issues detected during security assessments of your IT assets. Findings can include vulnerabilities, potential threats, or exposures identified within your organization’s IT assets.
Viewing all Tenable findings
Prerequisite
Before viewing the findings, ensure you have imported data from Tenable. For information about importing, see Importing Tenable data into Asset Manager.
- Open the Asset Manager app.
- On the left hand side, select the expand button to open the side panel.
- Select Vulnerabilities > Vulnerability details > Findings tab.
Result The findings list is displayed. Each finding contains the asset details including status, due date, criticality, etc. You can select the asset type or the related CVEs to go to their respective pages.
Note
Findings that are closed and older than six months are automatically deleted.
Tip
In the Findings tab, you can apply columns filters to refine the findings list. For example: To view the most critical and highest priority findings, you can filter by selecting Critical in the Asset Criticality column, Overdue in the Status column, and Critical in the Severity column.
Score types (VPR, CVSSv2, and CVSSv3)
The score types (VPR, CVSSv2, and CVSSv3) are imported from Tenable and are included in each finding. These scores are required to set up the SLA matrix. For more information, Prequisites to set up an SLA matrix.
Importance of due date
The due date of a finding is the Service Level Agreement (SLA) due date that specifies the maximum number of days required to resolve a vulnerability after it has been identified.
In Asset Manager, you can calculate the due date of a finding using our predefined formula. For more information, see Managing flag types and SLA matrix.
The status of a finding changes based on its due date. For example, if a finding is in Open status and the due date is today, the status remains Open until the end of the day. After the due date passes, the status changes to Overdue. Overdue findings are prioritized and must be resolved before others.
Each time you calculate the SLA using the Execute SLA Calculation button, the Overdue status is also updated after the due date for all findings is refreshed.
These changes are also visualized in the charts on the Vulnerability Dashboard page.
Changing flag type of a finding
By default, findings exported from Tenable into Asset Manager are assigned Actual Finding flag type. This can be modified by assigning a different flag type.
Prerequisite
Before viewing the findings, ensure you have imported data from Tenable. For information about importing, see Importing Tenable data into Asset Manager.
- Open the Asset Manager app.
- On the left hand side, select the expand button to open the side panel.
- Select Vulnerabilities > Vulnerability details > Findings tab.
- Select the checkbox of the finding that you want to assign the flag type, and select Add Flag.
Tip
You can select multiple findings at once and assign the flag. To select all findings at once, use the checkbox in the header row.
- In the Flag Vulnerabilities dialog, select the Flag Type and select Flag.
Result The flag type is assigned to the finding.