New Nessus Scan Policy Templates Added in the Plugin Feed
We are pleased to announce that four new Nessus policy templates will be distributed to Nessus ProfessionalFeed and HomeFeed users via the Nessus plugins feed. This is first time we've used "push" functionality to send down scan policy templates.
Click for larger image
The four new Nessus scan policy templates will appear in the "Policies" tab once your Nessus installation has updated the plugins:
- External Network Scan - This policy is tuned to scan externally facing hosts, which typically present fewer services to the network. The plugins associated with known web application vulnerabilities (CGI Abuses and CGI Abuses: XSS plugin families) are enabled in this policy. Also, all 65,535 ports are scanned for on each target.
- Internal Network Scan - This policy is tuned for better performance, taking into account that it may be used to scan large internal networks with many hosts, several exposed services, and embedded systems such as printers. The "CGI Abuse" plugins are not enabled and a standard set of ports is scanned for, not all 65,535.
- Web App Tests - If you want to scan your systems and have Nessus detect both known and unknown vulnerabilities in your web applications, this is the scan policy for you. The fuzzing capabilities in Nessus are enabled in this policy, which will cause Nessus to spider all discovered web sites and then look for vulnerabilities present in each of the parameters, including XSS, SQL, command injection and several more.
- Prepare for PCI DSS audits - This policy enables the built-in PCI DSS compliance checks that compare scan results with the PCI standards and produces a report on your compliance posture. It is very important to note that a successful compliance scan does not guarantee compliance or a secure infrastructure. Organizations preparing for a PCI DSS assessment can use this policy to prepare their network and systems for PCI DSS compliance.
Its important to note that if you modify any of the policy templates your changes will not be overwritten. Also, you can prevent new policy templates from being pushed by adding the line "xmlrpc_import_feed_policies = no" in the nessusd.conf file.
These new policies will allow you to take advantage of the new and more advanced features being added into the Nessus vulnerability scanner. Use the new policy templates in your regular scanning and feel free to ask questions or provide us with feedback on the Tenable Discussions Forum.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
Cybersecurity Snapshot: Latest MITRE ATT&CK Update Offers Security Insights on GenAI, Identity, Cloud and CI/CD
April 26, 2024Check out what’s new in Version 15 of the MITRE ATT&CK knowledge base of adversary tactics, techniques and procedures. Plus, learn the latest details about the Change Healthcare breach, including the massive scope of the data exfiltration. In addition, why AI cyberthreats aren’t impacting CISOs’ budgets. And much more!
CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor
April 25, 2024Frequently asked questions about CVE-2024-20353 and CVE-2024-20359, two vulnerabilities associated with “ArcaneDoor,” the espionage-related campaign targeting Cisco Adaptive Security Appliances.
CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited
April 23, 2024A zero-day vulnerability in CrushFTP was exploited in the wild against multiple U.S. entities prior to fixed versions becoming available as the vendor recommends customers upgrade as soon as possible.
- Nessus
- PCI