- Accurate, high-speed asset discovery
- Un-credentialed vulnerability discovery
- Credentialed scanning for system misconfigurations & missing patches
Broad Asset Coverage and Profiling
- Network devices: Firewalls/Routers/Switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Offline configuration auditing of network devices
- Virtualization: VMware ESX, ESXi, vSphere, vCenter
- Operating Systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: Deployed as AWS AMI
Control Systems Auditing
SCADA systems, embedded devices and ICS applications
Sensitive Content Auditing
PII (e.g. credit card numbers, SSNs)
Automatic Scan Analysis
Remediation action priority and scan tuning recommendations.
Selective Host Re-Scanning
After a scan, re-scan all or a subsection of previously scanned hosts.
Threats: Botnet/Malicious Process/Anti-virus Auditing
Detect Viruses, malware, backdoors, hosts communicating with Botnet-Infected systems, known/unknown processes, web services linking to malicious content.
- HIPAA/ HITECH
- DISA STIGs
Additional Scanning Capabilities
Available in Nessus Manager and Nessus Cloud
Integrates with patch management solutions (IBM, Microsoft, Red Hat®, and Dell)
Mobile Device Auditing
Lists iOS, Android, and Windows Phone 7 devices accessing the network and detects mobile vulnerabilities. Integrates with major MDMs (MSFT, Apple, Good, MobileIron, AirWatch).
Deployment and Management
Software, hardware and virtual appliances, cloud service providers or as a Tenable service. Can be attached to Nessus Manager for resource sharing.
Configure via Nessus UI
Easily create policies using a variety of wizards and schedule scans to run once or on recurring basis
Risk rankings based on CVE scoring with five severity levels: Critical, High, Medium, Low, Info
Agent-less or Agent-based scanning
Multiple scanning modes allow organizations to increase their scan coverage. Agents are available with Nessus Manager and Nessus Cloud
Nessus RESTful API
Standard, supported and documented API for integrating Nessus into your vulnerability management workflow.
Obtain credentials from CyberArk for use in a Nessus scan, saving you time in both adding and updating credentials in Nessus.
Requires Nessus Cloud or Nessus Manager.
Reporting and Monitoring
Customize reports to sort by vulnerability or host, create an executive summary, or compare scan results to highlight changes. Formats: Native (XML), PDF (requires Oracle Java be installed on Nessus server), CSV, and HTML.
Targeted Email Notifications
Targeted email notifications of scan results, remediation recommendations and scan configuration improvements
Dashboards display a variety of Nessus scan results to help users identify things like patching of critical systems and reliability of scan results.
Dashboards require Nessus Cloud or Nessus Manager.
Results / Report Sharing
Automatic post-scan analysis with attachments/screenshots stored in scan reports. (Report sharing requires Nessus Manager)