Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Introducing Nessus Expert, Now Built for the Modern Attack Surface

With the introduction of Nessus Expert, you can now protect against new, emerging cyberthreats across cloud infrastructure and understand what's in your external attack surface.

Nessus has long been the undisputed leader in vulnerability assessment. With the introduction of Nessus Expert, you can now protect against new, emerging cyberthreats across cloud infrastructure and understand what's in your external attack surface.

Since it was released over 20 years ago, Nessus has become the industry standard for vulnerability assessments. When Tenable co-founder and former CTO Renaud Deraison dropped out of college to pursue his idea of creating a tool to find software vulnerabilities, no one could have imagined the impact Nessus would have on the cybersecurity industry.

In the time since Nessus was first released in 1998, much has changed about the industry, adding complexity and challenge to the work of security professionals:

  • The attack surface has expanded well beyond traditional IT assets, such as servers, workstations and network infrastructure, to include cloud deployments and workloads and internet-connected assets.
  • The reliance on the cloud and infrastructure as code (IaC) to streamline development lifecycles has become a key part of every organization’s business. Yet, developers aren’t following security best practices before pushing to production, which increases risk.
  • Technological advances have made it relatively easy for individuals to spin up cloud instances without involving IT or security, leaving security professionals with limited visibility into the variety of internet-facing assets that may be in the environment.

To help infosec pros meet the challenges highlighted above, Tenable has developed a number of innovative new assessment capabilities available with Nessus Expert.

Introducing the newest member to the Nessus line-up, Nessus Expert

Nessus Expert is a new offering that builds upon Nessus Professional. Nessus Expert provides vulnerability assessment for your modern attack surface — adding Infrastructure as Code (IaC) scanning along with external attack surface discovery capabilities to identify all domains and subdomains that make up an organization’s external-facing attack surface.

When it comes to IaC, Nessus Expert enables users to programmatically detect cloud infrastructure misconfigurations and vulnerabilities in the design and build phases of the software development lifecycle.

Leveraging 500 prebuilt policies, Nessus Expert checks configuration files and code repositories for security and configuration issues before production — helping to eliminate the costly and time-intensive mistakes that can arise when developers unknowingly push vulnerabilities and misconfigurations into production. Nessus Expert allows users to:

  • Identify policy violations in automated pipelines
  • Leverage 500 prebuilt policies for IaC scanning
  • Prevent misconfigurations and vulnerabilities from reaching cloud instances
  • Prevent the downtime and additional costs and resources associated with remediating code after deployment.

Nessus Expert also contains external attack surface management functionality to continuously discover and inventory an organization's internet-facing assets from an attacker's perspective. Nessus Expert seamlessly scans domains to uncover the sub-domains into which security teams previously had low or no visibility. This functionality allows users to:

  • Scan up to five domains every 90 days to understand all associated subdomains
  • Gain important contextual information about internet-facing assets, such as ports secure socket layer (SSL) details and domain name system (DNS) information
  • Purchase additional domains as needed
  • Easily launch a scan on newly identified assets

Nessus Expert features at a glance

Features

Nessus Professional

Nessus Expert

Designed for…

Pen testers, consultants and SMBs

Pen testers, consultants, developers and SMBs

Real-time vulnerability updates

Vulnerability scanning

✓ 

External attack surface scanning

X

✓ five domains per quarter

Ability to add domains

X

Scan cloud infrastructure

X

Compliance audits of cloud infrastructure

X

500 prebuilt policies

Learn more

Want to see firsthand how Nessus Expert can help you? Try Nessus Expert today.

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Promotional pricing ends September 30th.
Buy a multi-year license and save more.

Add Support and Training