Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

New Nessus Vulnerability Modifications Now Available

Nessus now provides the ability to modify vulnerability findings in scan results. These new granular vulnerability modification options combined with other recent enhancements, including the ability to email actionable reports at the completion of a scan, enhance the power of Nessus for daily vulnerability management.

The vulnerability modification settings provide Nessus users with the ability to change the severity of findings, or hide them completely for a single host, a single scan, all future scans, or a specific time period. Nessus users may wish to modify vulnerability finding for a variety of reasons, including:

  • The vulnerability may be mitigated without patching.
  • The value or exposure of the vulnerable asset may require a higher or lower vulnerability rating.
  • The finding may be a false positive from a non-credentialed scan.
  • Time may be needed to remediate a vulnerability in production systems.

Configuration

To modify a finding from an existing report, click the “Modify” button in the upper-right corner of the report details section:

Nessus

Nessus users can now choose to modify the vulnerability’s severity or hide the result:

Nessus

The modification can be applied to the existing report or all future reports, or the change can be set to expire on a specified date. Setting an expiration date is useful for allowing time for remediation of known issues while ensuring the findings are automatically restored to the appropriate severity after the specified remediation period.

Nessus

If the modification is made from the "Hosts" section of the report, it can be applied to a single host or to all hosts.

Modifications can also be added, removed, or edited through the new "Results Settings" section under the "Configuration" tab:

Nessus

Managing the ability to edit scan results is performed as it has been for the existing ability to delete specific findings. The "Allow Post-Scan Report Editing" checkbox in the "Policy General Settings" tab allows Nessus users to enable or disable vulnerability modification:

Nessus

Nessus plugin ID #19506, Nessus Scan Information, reports whether post-scan editing is enabled for the current results:

Nessus

Conclusion

Nessus ProfessionalFeed, Perimeter Service, and HomeFeed users can immediately take advantage of the new modification features. If you have any questions, please visit the Tenable Support Portal or pose a question on the Tenable Discussions Forum.

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,190.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security