Renaud Deraison, Jack Daniel, and I recently presented the "Communicating Vulnerabilities to Management: Making the Rubber Meet the Road" webcast. This was part 4 in the "Vulnerabilities Exposed" webcast series.
If you missed the webcast or would like to re-watch it, view the recording.
Here are responses to questions we received during the webcast.
- Yes, click here to view the presentation slides.
- Nessus and PVS can be licensed individually, and are also available in an introductory offer called "Nessus Plus." For more information, visit the Tenable Online Store. Each instance of Nessus or PVS requires a license.
I want to know more about the software, how to use it, and how much it costs. Will it be difficult to learn how to do the scan?
- Both Nessus and PVS natively support IPv6: Nessus can scan IPv6 targets, and PVS can sniff IPv6 traffic for vulnerabilities.
Configuration and Compliance
Nessus supports different types of frameworks. How easy is it to scan against different types of compliance standards, and how do I perform the analysis by reviewing the vulnerabilities?
- Yes, it is located on the Tenable Support Portal in the Nessus Audits Files section.
How can I set up a Nessus scan to only scan by a particular severity? For example, scan using only critical-severity plugins.
- When building a scan policy, you can filter the plugin list on several different criteria, including severity, so a policy can be limited to critical-severity plugins only.
Can Nessus effectively determine vulnerabilities in web applications and CMSes such as Joomla or WordPress?
- Yes, Nessus can detect both known and previously unknown web application vulnerabilities. For more information, please refer to the video on our YouTube channel.
Say Nessus finds a critical patch is missing which was already deployed through our patching. Can we trigger patching from Nessus through SCCM or WSUS?
- At this time, this feature is not supported; Nessus does not trigger remediation. It reports the patch status as recorded on the target host and, when patch management integration is configured, as recorded by the patch management system(s). A patch that the patch management system reports as deployed but that is still missing on the host is exactly the kind of discrepancy this comparison is meant to surface.
Is it necessary to provide Exchange service account credentials in order to pull the ActiveSync data for mobile devices?
- To use mobile device scanning, Nessus requires access to the Active Directory domain controller(s) and Domain Admin-level privileges.
- Yes, the email notification feature is available on all types of the Nessus vulnerability scanner.
When you modify the severity, is it a global change, or can it be modified based on policy? Can I apply a system-wide severity change for a specific host?
- Severity modifications are applied on a per-user basis. You can choose the host(s) to which a modification applies and set a time frame for which it remains active.
SecurityCenter can also recast or accept risk, but it does not have an expiration date. Will that be added?
- This is currently a planned feature for an upcoming SecurityCenter release.
- SecurityCenter allows you to aggregate data and generate reports from information collected by Nessus, PVS, and LCE (Log Correlation Engine). Nessus itself does not combine reports; to do that from Nessus you would need to use the API and write a custom script.
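The following is an added example, not code from Tenable or from the webcast, of the kind of custom script the answer above refers to. Rather than calling the Nessus API, it assumes the reports have already been exported as .nessus (NessusClientData_v2) files and merges them into one severity summary, deduplicating findings that appear in more than one export. It also applies the severity-modification behaviour described in the two preceding answers: a recast is scoped to a host (or to all hosts) and has an expiration date after which the original severity is reported again. The two embedded exports are constructed sample data, and the plugin IDs, plugin names and host addresses in them are placeholders.

```python
"""Merge exported .nessus (NessusClientData_v2) reports into one severity
summary, applying host-scoped severity recasts that expire.

Added example; not Tenable's code. Sample exports below are constructed."""
import copy
import xml.etree.ElementTree as ET
from collections import Counter
from datetime import date

SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample exports in the .nessus v2 layout (placeholder plugin IDs,
# plugin names and hosts). Real exports also carry HostProperties, plugin
# output, CVSS data and more; only the attributes used here are shown.
SCAN_A = """<NessusClientData_v2><Report name="scan-a">
<ReportHost name="10.0.0.5">
 <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
  pluginID="90001" pluginName="Placeholder missing critical patch"/>
 <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
  pluginID="90000" pluginName="Placeholder scan information"/>
</ReportHost>
<ReportHost name="10.0.0.7">
 <ReportItem port="80" svc_name="www" protocol="tcp" severity="2"
  pluginID="90002" pluginName="Placeholder outdated CMS"/>
</ReportHost>
</Report></NessusClientData_v2>"""

SCAN_B = """<NessusClientData_v2><Report name="scan-b">
<ReportHost name="10.0.0.5">
 <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
  pluginID="90001" pluginName="Placeholder missing critical patch"/>
</ReportHost>
<ReportHost name="10.0.0.7">
 <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="3"
  pluginID="90003" pluginName="Placeholder high finding"/>
</ReportHost>
<ReportHost name="10.0.0.9">
 <ReportItem port="443" svc_name="www" protocol="tcp" severity="1"
  pluginID="90004" pluginName="Placeholder low finding"/>
</ReportHost>
</Report></NessusClientData_v2>"""


def parse_nessus(xml_text):
    """Return {(host, pluginID, port, protocol): finding} for one export."""
    root = ET.fromstring(xml_text)
    findings = {}
    for host in root.iter("ReportHost"):
        hostname = host.get("name")
        for item in host.iter("ReportItem"):
            key = (hostname, item.get("pluginID"), item.get("port"), item.get("protocol"))
            findings[key] = {
                "host": hostname,
                "plugin_id": item.get("pluginID"),
                "name": item.get("pluginName"),
                "severity": int(item.get("severity")),
            }
    return findings


def merge_reports(xml_docs):
    """Combine several exports; a finding seen in more than one export is
    counted once, with the later export (assumed more recent) winning."""
    merged = {}
    for doc in xml_docs:
        merged.update(parse_nessus(doc))
    return merged


# Hypothetical recast rules: host=None means the rule applies to every host.
RECASTS = [
    {"plugin_id": "90001", "host": "10.0.0.5", "severity": 2, "expires": date(2030, 1, 1)},
]


def apply_recasts(findings, recasts, today):
    """Return a copy of findings with active (unexpired) recasts applied."""
    result = copy.deepcopy(findings)
    for finding in result.values():
        for rule in recasts:
            if today > rule["expires"]:
                continue  # expired: original severity is reported again
            if rule["plugin_id"] != finding["plugin_id"]:
                continue
            if rule["host"] is not None and rule["host"] != finding["host"]:
                continue
            finding["severity"] = rule["severity"]
    return result


def summarize(findings, min_severity=0):
    """Count findings by severity name, ignoring anything below min_severity
    (min_severity=4 gives a critical-only view)."""
    counts = Counter(SEVERITY_NAMES[f["severity"]]
                     for f in findings.values() if f["severity"] >= min_severity)
    return dict(counts)


if __name__ == "__main__":
    merged = merge_reports([SCAN_A, SCAN_B])
    print("all findings:", summarize(merged))
    print("critical only:", summarize(merged, min_severity=4))
    print("with recasts :", summarize(apply_recasts(merged, RECASTS, date.today())))
```

The deduplication key is (host, plugin ID, port, protocol), which is what distinguishes one ReportItem from another within a .nessus export; merging on the host alone would either lose findings or double-count them. Keeping recasts as data with an expiry date, rather than editing the exported files, means the unmodified severities survive for audit and the recast silently lapses when its time frame runs out.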
- Blog Post: Nessus Plugins Audit Your Patch Management System Effectiveness
- Video: Nessus Patch Management Integration
- Blog Post: Nessus Vulnerability Modifications
- Video: Nessus Scheduling, Report Emailing, and Result Modification
- Blog Post: Hiding In Plain Sight: Discovering Legacy Applications Using PVS
- SecurityCenter Dashboards: Vulnerability Reporting
- Whitepaper: Implementing an Effective Vulnerability Management Program
Webcast Recordings and Q&A
If you missed any of the previous webcasts in the "Vulnerabilities Exposed" series, view the recordings and read the Q&A.