- Accurate, high-speed asset discovery
- Un-credentialed vulnerability discovery
- Credentialed scanning for system misconfigurations & missing patches
Broad Asset Coverage and Profiling
- Network devices: Firewalls/Routers/Switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
- Offline configuration auditing of network devices
- Virtualization: VMware ESX, ESXi, vSphere, vCenter
- Operating Systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL
- Web applications: Web servers, web services, OWASP vulnerabilities
- Cloud: Deployed as AWS AMI
Integrates with patch management solutions (IBM, Microsoft, Red Hat®, Dell, and VMware®)
Control Systems Auditing
SCADA systems, embedded devices and ICS applications
Sensitive Content Auditing
PII (e.g. credit card numbers, SSNs)
Mobile Device Auditing
Lists iOS, Android, and Windows Phone 7 devices accessing the network and detects mobile vulnerabilities. Integrates with major MDMs (MSFT, Apple, Good, MobileIron, AirWatch).
Automatic Scan Analysis
Remediation action priority and scan tuning recommendations.
Selective Host Re-Scanning
After a scan, re-scan all or a subsection of previously scanned hosts.
Threats: Botnet/Malicious Process/Anti-virus Auditing
Detect Viruses, malware, backdoors, hosts communicating with Botnet-Infected systems, known/unknown processes, web services linking to malicious content.
- HIPAA/ HITECH
- DISA STIGs
Deployment and Management
Software, hardware and virtual appliances, cloud service providers or as a Tenable service. Can be attached to Nessus Manager for resource sharing.
Configure via Nessus UI
Easily create policies using a variety of wizards and schedule scans to run once or on recurring basis
Risk rankings based on CVE scoring and there are five severity levels: Critical, High, Medium, Low, Info
Agent-less or Agent-based scanning
Multiple scanning modes allow organizations to increase their scan coverage.
Nessus RESTful API
Standard, supported and documented API for integrating Nessus into your vulnerability management workflow.
Reporting and Monitoring
Customize reports to sort by vulnerability or host, create an executive summary, or compare scan results to highlight changes. Formats: Native (XML), PDF (requires Oracle Java be installed on Nessus server), CSV, and HTML.
Targeted Email Notifications
Targeted email notifications of scan results, remediation recommendations and scan configuration improvements
Results / Report Sharing
Automatic post-scan analysis with attachments/screenshots stored in scan reports. (Report sharing requires Nessus Manager)