Nessus Vulnerability Scanner
Industry standard vulnerability, configuration, and compliance assessment with 20,000+ customers
The Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and many other features.
With a continuously updated library of more than 59,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus scales to serve the largest organizations, and is easy to deploy on premises or in the Amazon Web Services (AWS) cloud.
Nessus Subscriptions and Bundles
Nessus is offered in 1-, 2-, or 3-year subscriptions, as well as in bundled solutions. Nessus Auditor Bundles offer savings of up to $800 on products, training, and certification.
Nessus subscriptions allow users to scan an unlimited number of IPs as often as needed, receive daily plugin updates, download compliance and audit files, and receive software updates and support.
Introducing Nessus UI 2.0
Policy creation wizards to quickly configure accurate and complete scans and usability improvements to enhance scan scheduling, processing, and analysis
Largest Collection of Network Security Checks
Whether you're familiar with the network you're scanning or auditing the unknown, and whether or not you have credentials, Nessus has you covered. Nessus will identify hosts and list vulnerabilities and misconfigurations on the network.
Broad Asset Coverage & Profiling
Discovers a wide variety of physical and virtual devices on your corporate network and identifies the operating systems, applications, databases, and services running on those assets.
Mobile Device Auditing
Integrates with Apple® Profile Manager, Microsoft® Exchange via Active Directory®, and Good Technology™ Good for Enterprise to provide a comprehensive view of an organization’s mobile/BYOD environment and its vulnerability status.
Botnet/Malicious Process/Anti-virus Auditing
Detect known or suspicious malicious processes and botnets. Nessus enhances an organization's anti-virus strategy by red-flagging threats that often slip through the cracks, helping fight malware and advanced persistent threat (APT).
Patch Management Integration
Integrates with patch management systems – IBM® Tivoli® Endpoint Manager (TEM) for Patch Management, Microsoft® SCCM, Microsoft® WSUS, Red Hat® Network Satellite Server, and VMware® Go – to retrieve status information for devices being managed by those systems.
Sensitive Content Auditing
Performs agentless content audits of Windows- and UNIX-based systems to identify sensitive information (PII - credit cards, SSNs; “Top Secret”; employee data) and adult content. Use Nessus to audit and enforce policies that lower your organization's risk of breach or data loss.
SCADA/Control Systems Auditing
Using SCADA plugins available through a partnership with Digital Bond, Nessus scans SCADA devices to find known and newly-discovered vulnerabilities. Nessus also audits compliance with configuration policies and best practices for SCADA environments.
Try PVS with Nessus for Complete Coverage
The real-time monitoring of the Passive Vulnerability Scanner™ (PVS™) complements the active scanning of Nessus to provide continuous network evaluation and eliminate security gaps between scans.Learn About Nessus Plus
Extensive Configuration & Compliance Auditing
- Anti-virus vendor audits
- CERT recommendations
- CIS and NSA best practice guides
- DISA STIGs
- GLBA guidelines
- HIPAA profiles
- NIST SCAP and FDCC content
- PCI configuration requirements
- Recommended vendor settings
- Check Point firewall configurations
- Cisco router and firewall configurations
- Juniper router, firewall, and network switch configurations
- Palo Alto Networks firewall configurations
- And more
Automatic Post-scan Analysis & Customized Monitoring
Nessus, a lightweight security monitoring solution, provides users with email notifications of scan results, a remediation report, enhanced post-scan analysis tools, vulnerability modifications, and suggestions for more complete audits.
Targeted Email Notifications
Nessus can send an email summary of completed scan results and remediation recommendations to selected recipients. For individual scans or in conjunction with scan scheduling, Nessus can monitor for specific conditions and deliver findings to the right people.
Providing an actionable list to help with remediation efforts, Nessus summarizes the actions to take to address the largest quantity of vulnerabilities on the network. The report is included in scan summary email notifications and as a report chapter.
Attachments Stored in Scan Reports
Scan results contain remote screenshots via RDP and VNC, as well as “pictures” of scanned websites, providing easy access to supporting information for post-scan vulnerability analysis and documentation.
Change the severity of findings or suppress them for a single host, a single scan, all future scans, or a specific time period. When combined with other Nessus features, users enhance the power of Nessus for daily vulnerability management.
Built-in Scanning Recommendations
Every network is different, and tuning your Nessus scan policy can yield great results. Nessus analyzes the scan results for your environment and the scan settings that were used, and then suggests improvements for a more complete audit.
Register for a free 7-day Nessus evaluation for your organization.Evaluate
Buy Nessus on the Tenable Store
To purchase with a credit card, visit the Tenable online store.Buy Online
Buy Nessus Through a Partner
For purchase orders, quotes, or invoices, consult with a Tenable partner in your area.Find a Partner