Vulnerability Management Remediation Scans

Vulnerability management remediation scans allow you to validate whether your vulnerability remediation actions on scan targets have succeeded. If a remediation scan cannot identify a vulnerability on targets where the vulnerability was previously identified, the system changes the status of the vulnerability to Fixed.

You can create remediation scans using API calls to run follow-up scans against existing scan results. A remediation scan evaluates a specific plugin against a specific scan target or targets where a vulnerability was present in your earlier active scan.

The following endpoints are affected:

API EndpointDescriptionChange
POST /scans/remediationCreates a remediation scan configuration.New
GET /scans/remediationReturns a list of remediation scans where you have at least CAN VIEW [16] permissions.New
GET /editor/{type}/templatesLists Tenable-provided scan templates (including new remediation type) where you have at least STANDARD [32] permissions.Updated

Other CRUD functions for remediation scans are available through existing scan endpoints.

For more information about remediation scan API parameters, limitations, and example requests, see Manage Remediation Scans and Example Remediation Scan: Multiple Assets and Plugins.