Nessus Vulnerability Scanner
Industry standard vulnerability, configuration, and compliance assessment with 20,000+ customers
The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and many other features.
With a continuously updated library of more than 60,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus provides multi-scanner support, scales to serve the largest organizations, and is easy to deploy on premise or in the Amazon Web Services (AWS) cloud.
New in Nessus
Primary Nessus scanner to control multiple secondary scanners, schedule internal scans, and view scan findings. Simplified view of scan findings, affected hosts, and compliance status with one-click access to host details.
Largest Collection of Network Security Checks
Whether you're familiar with the network you're scanning or auditing the unknown, and whether or not you have credentials, Nessus has you covered. Nessus will identify hosts and list vulnerabilities and misconfigurations on the network.
Broad Asset Coverage & Profiling
Discovers a wide variety of physical and virtual devices on your corporate network and identifies the operating systems, applications, databases, and services running on those assets.
Mobile Device Auditing
Integrates with Apple® Profile Manager, Microsoft® Exchange via Active Directory®, and Good Technology™ Good for Enterprise to provide a comprehensive view of an organization’s mobile/BYOD environment and its vulnerability status.
Botnet/Malicious Process/Anti-virus Auditing
Detect known or suspicious malicious processes and botnets. Nessus enhances an organization's anti-virus strategy by red-flagging threats that often slip through the cracks, helping fight malware and advanced persistent threat (APT).
Patch Management Integration
Integrates with patch management systems – IBM® Tivoli® Endpoint Manager (TEM) for Patch Management, Microsoft® SCCM, Microsoft® WSUS, Red Hat® Network Satellite Server, and VMware® Go – to retrieve status information for devices being managed by those systems.
Sensitive Content Auditing
Performs agentless content audits of Windows- and UNIX-based systems to identify sensitive information (PII - credit cards, SSNs; “Top Secret”; employee data) and adult content. Use Nessus to audit and enforce policies that lower your organization's risk of breach or data loss.
SCADA/Control Systems Auditing
Using SCADA plugins available through a partnership with Digital Bond, Nessus scans SCADA devices to find known and newly-discovered vulnerabilities. Nessus also audits compliance with configuration policies and best practices for SCADA environments.
Try PVS with Nessus for Complete Coverage
The real-time monitoring of the Passive Vulnerability Scanner™ (PVS™) complements the active scanning of Nessus to provide continuous network evaluation and eliminate security gaps between scans.Learn About Nessus Plus
Extensive Configuration & Compliance Auditing
- Anti-virus vendor audits
- CERT recommendations
- CIS and NSA best practice guides
- DISA STIGs
- GLBA guidelines
- HIPAA profiles
- NIST SCAP and FDCC content
- PCI configuration requirements
- Recommended vendor settings
- Check Point firewall configurations
- Cisco router and firewall configurations
- Juniper router, firewall, and network switch configurations
- Palo Alto Networks firewall configurations
- And more
Multi-scanner Support, Post-scan Analysis, & Customized Monitoring
Nessus provides users with multi-scanner control, email notifications of scan results, a remediation report, enhanced post-scan analysis tools, vulnerability modifications, and suggestions for more complete audits.
Organizations with multiple Nessus scanners for different network segments and geographical locations can control all their scanners from one place. Configure a primary Nessus scanner on premise or in the cloud (Nessus Perimeter Service) to control multiple secondary scanners, schedule internal scans, and view scan findings.
Providing an actionable list to help with remediation efforts, Nessus summarizes the actions to take to address the largest quantity of vulnerabilities on the network. The report is included in scan summary email notifications, as a report chapter, and on the Remediations tab in the user interface.
Targeted Email Notifications
Nessus can send an email summary of completed scan results and remediation recommendations to selected recipients. For individual scans or in conjunction with scan scheduling, Nessus can monitor for specific conditions and deliver findings to the right people.
Attachments Stored in Scan Reports
Scan results contain remote screenshots via RDP and VNC, as well as “pictures” of scanned websites, providing easy access to supporting information for post-scan vulnerability analysis and documentation.
Change the severity of findings or suppress them for a single host, a single scan, all future scans, or a specific time period. When combined with other Nessus features, users enhance the power of Nessus for daily vulnerability management.
Built-in Scanning Recommendations
Every network is different, and tuning your Nessus scan policy can yield great results. Nessus analyzes the scan results for your environment and the scan settings that were used, and then suggests improvements for a more complete audit.
Register for a free 7-day Nessus evaluation for your organization.Evaluate
Buy Nessus on the Tenable Store
To purchase with a credit card, visit the Tenable online store.Buy Online
Buy Nessus Through a Partner
For purchase orders, quotes, or invoices, consult with a Tenable partner in your area.Find a Partner