Identify Unassessed Assets in Tenable.io
Tenable.io can discover assets without assessing the assets for vulnerabilities (for example, via a host discovery scan, Nessus Network Monitor running in discovery mode, or connectors). Assets that have been seen but not assessed do not count towards your asset license limit.
This licensing exception allows you to discover assets on your network without the large number of assets counting towards your license limit. After you discover your assets, you can then identify which assets have not yet been scanned for vulnerabilities, and choose which of those assets you want to scan and manage going forward.
The asset_assessed filter selects assets based on whether the assets have been scanned for vulnerabilities. The filter value of false corresponds to a null last_licensed_scan_date asset attribute.
You can use this filter to query assets workbench data and to create a dynamic tag.
This filter can be used on the following endpoints:
| API Endpoint | Change |
|---|---|
| GET /workbenches/assets | new asset_assessed filter parameter |
| POST /tags/values PUT /tags/values/{uuid} | new asset_assessed filter parameter |
For best practices information, see Manage Unassessed Assets.