Nessus Vulnerability Scanner Features

For vulnerability, configuration and compliance assessment

Scanning Capabilities


  • Accurate, high-speed asset discovery
  • Scan IPv4/IPv6/hybrid networks
  • Un-credentialed vulnerability discovery
  • Credentialed scanning for system misconfigurations & missing patches

Broad Asset Coverage and Profiling

  • Network devices: Firewalls/Routers/Switches (Juniper, Check Point, Cisco, Palo Alto Networks), printers, storage
  • Offline configuration auditing of network devices
  • Virtualization: VMware ESX, ESXi, vSphere, vCenter
  • Operating Systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
  • Databases: Oracle, SQL Server, MySQL, DB2, Informix/DRDA, PostgreSQL
  • Web applications: Web servers, web services, OWASP vulnerabilities
  • Cloud: Deployed as AWS AMI

Patch Auditing

Integrates with patch management solutions (IBM, Microsoft, Red Hat®, Dell, and VMware®)

Control Systems Auditing

SCADA systems, embedded devices and ICS applications

Sensitive Content Auditing

PII (e.g. credit card numbers, SSNs)

Mobile Device Auditing

Lists iOS, Android, and Windows Phone 7 devices accessing the network and detects mobile vulnerabilities. Integrates with major MDMs (MSFT, Apple, Good, MobileIron, AirWatch).

Automatic Scan Analysis

Remediation action priority and scan tuning recommendations.

Threats: Botnet/Malicious Process/Anti-virus Auditing

Detect Viruses, malware, backdoors, hosts communicating with Botnet-Infected systems, known/unknown processes, web services linking to malicious content.

Compliance Auditing

  • CyberScope
  • GLBA
  • NERC
  • PCI
  • SCAP
  • SOX

Configuration Auditing

  • CERT
  • CIS
  • FDCC
  • ISO
  • NIST
  • NSA

Deployment and Management

Flexible Deployment

Software, hardware and virtual appliances, cloud service providers or as a Tenable service. Can be attached to Nessus Enterprise for resource sharing. Agentless scanning for easy deployment and maintenance

Configure via Nessus UI

Easily create policies using a variety of wizards and schedule scans to run once or on recurring basis

Risk Assessment

Risk rankings based on CVE scoring and there are five severity levels: Critical, High, Medium, Low, Info

Reporting and Monitoring

Flexible Reporting

Customize reports to sort by vulnerability or host, create an executive summary, or compare scan results to highlight changes. Formats: Native (XML), PDF (requires Oracle Java be installed on Nessus server), CSV, and HTML.

Targeted Email Notifications

Targeted email notifications of scan results, remediation recommendations and scan configuration improvements

Results / Report Sharing

Automatic post-scan analysis with attachments/screenshots stored in scan reports. (Report sharing requires Nessus Enterprise)

Getting Started

Try Nessus

Get a 7-day trial for your organization

Try Now

Buy Nessus

Get the full power of vulnerability scanning

Buy Now