Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

"Communicating Vulnerabilities to Management: Making the Rubber Meet the Road" Webcast - Recording and Q&A

Renaud Deraison, Jack Daniel, and I recently presented the "Communicating Vulnerabilities to Management: Making the Rubber Meet the Road" webcast. This was part 4 in the “Vulnerabilities Exposed” webcast series.

If you missed the webcast or would like to re-watch it, view the recording.

View Recording

Q&A

Here are responses to questions we received during the webcast.

General

Will the slides be available for download?

  • Yes, click here to view the presentation slides.

Are there licenses for each implementation of Nessus and PVS?

  • Nessus and PVS can be licensed individually, and are also available in an introductory offer called "Nessus Plus." For more information, visit the Tenable Online Store. Each instance of Nessus or PVS requires a license.

I want to know more about the software, how to use it, and how much it costs. Will it be difficult to learn how to do the scan?

Does your product run in an IPv6 environment?

  • Both Nessus and PVS natively support IPv6 (both as targets and sniffing IPv6 traffic for vulnerabilities).

Configuration and Compliance

Nessus supports different types of frameworks. How easy it is to scan different types of compliance standards, and how do I perform the analysis by reviewing the vulnerabilities?

  • Configuration and compliance auditing is a feature of Nessus that is both easy-to-use and very flexible. For more information, including how to set up and run compliance audits using Nessus, refer to the video on our YouTube Channel and the compliance checks documentation.

Do you have a scanning policy for HIPAA compliance ?

Product Features

How can I set up a Nessus scan to only scan by a particular severity? For example, scan using only critical-severity plugins.

  • You can filter the plugins on several different types of criteria, including severity.

Can Nessus effectively determine vulnerabilities in web applications and CMSes such as Joomla or WordPress?

  • Yes, Nessus can detect both known and previously-unknown web application vulnerabilities. For more information, please refer to the video on our YouTube channel.

Say Nessus finds a critical patch is missing which was already deployed through our patching. Can we trigger patching from Nessus through SCCM or WSUS?

  • At this time, this feature is not supported. Nessus reports the patch status recorded from the target host and the patch management system(s).

Is it necessary to provide Exchange service account credentials in order to pull the ActiveSync data for mobile devices?

  • To use mobile device scanning, Nessus requires access to the Active Directory domain controller(s) and Domain Admin level privileges.

Is the email notification feature available with the basic version of Nessus?

  • Yes, the email notification feature is available on all types of the Nessus vulnerability scanner.

When you modify the severity, is it a global change, or can it be modified based on policy? Can I apply a system-wide severity change for a specific host?

  • Severity modification is changed on a per-user basis. You can set the host for which it will apply and a time frame for which it will be active.

SecurityCenter can also recast or accept risk, but it does not have an expiration date. Will that be added?

  • This is currently a planned feature for an upcoming SecurityCenter release.

Can multiple scans be combined as one report?

  • SecurityCenter allows you to aggregate data and generate reports from information collected from Nessus, PVS, and LCE (Log Correlation Engine). From within Nessus, you are not able to combine reports unless you interface with the API and create a custom script.

Tenable Resources

Webcast Recordings and Q&A

If you missed any of the previous webcasts in the "Vulnerabilities Exposed" series, view the recordings and read the Q&A.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training