INFORMATION

This guide provides the minimum requirements, in terms of evidence/data collection, that you should have before submitting a false positive or false negative ticket to Tenable Support.

DETAILS

False negative: No result is being returned for a given vulnerability that you know affects your system. 

• Scan result in Nessus DB format, with plugin debugging enabled (Please also provide the password to allow our engineers to open the DB) 
  1. Please follow the steps in this KB to enable plugin debugging in the scan policy.
  2. Please follow the steps in this KB to generate a scan DB from the product in question.
• Reason why you believe this to be a false negative.
• Evidence to support the claim (screenshots, documentation/proof of installed patches, etc).
• Packet capture of network traffic, for a false negative involving remote plugins. 

False positive: A plugin returning an incorrect result when you are sure your systems are up-to-date on their patches.

• Scan result in Nessus DB format, with plugin debugging enabled (Please also provide the password to allow our engineers to open the DB) 
  1. Please follow the steps in this KB to enable plugin debugging in the scan policy.
  2. Please follow the steps in this KB to generate a scan DB from the product in question.  
• Reason why you believe this to be a false positive.
• Evidence to support the claim (screenshots, documentation/proof of installed patches, product vendor e-mail, etc).
• Packet capture of network traffic, for a false positive involving remote plugins.