Patch Management Integration with Nessus Released
Today, Tenable Network Security announced integration between Nessus and a variety of patch management systems that will simplify scanning in cases where credentialed scans are difficult or impossible. The integration allows Nessus and SecurityCenter users to establish direct links to patch management systems. This simplifies patch audits as the systems in your environment do not all have to contain credentials in order to be scanned. You simply need to give Nessus credentials to your patch management server. This integration enhances compliance programs and helps eliminate confusion about the patch status of systems between IT operations and network security teams.
With Nessus patch management integration, you can:
- Retrieve patch manifests and status information from Red Hat® Network Satellite Server, Microsoft® Windows Server Update Services (WSUS) and System Center Configuration Manager (SCCM), and VMware® Go (formerly known as Shavlik).
- Quickly generate patch compliance reports in Nessus and SecurityCenter, based on the data returned from patch management systems. Presentation of records in the well-known Nessus format can speed auditors’ reviews, and simplify resolution of discrepancies between management systems.
- Retrieve accurate patch status information for systems that can’t be fully scanned by vulnerability assessment tools because of a lack of credentials. Credentials are only required for access to the patch management system.
- Retrieve patch status in environments where scanning is not available due to other constraints, such as limited networking.
- Help eliminate false positives caused by back ported patches in Red Hat Satellite environments.
This integration is available today in the case of Microsoft and VMware Go (Shavlik) systems, and is expected no later than Friday of this week for Red Hat. You’ll find the plugins in the ProfessionalFeed. Configuration documentation is available in the Patch Management Integration documentation. If working with patch management systems is a challenge for you, watch this space – I’ll be posting more details on how this integration works, and you can take advantage of it in your environment.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
Tenable and Thales Collaborate to Provide Cyber Defense Simulations to Better Secure Operational Technology Environments
April 18, 2024The heart of the Welsh Valleys is home to the Thales Ebbw Vale campus, a world-class facility jointly funded by the Welsh government as part of its regeneration program for the region. At the core of the facility is the Cyber Range, a simulation and virtualization platform for training, testing, exercising and R&D. Tenable has joined the lineup of solutions used to run real world simulations in this controlled environment.
Oracle April 2024 Critical Patch Update Addresses 239 CVEs
April 17, 2024Oracle addresses 239 CVEs in its second quarterly update of 2024 with 441 patches, including 38 critical updates.
Strengthening the Nessus Software Supply Chain with SLSA
April 16, 2024You know Tenable as a cybersecurity industry leader whose world-class exposure management products are trusted by our approximately 43,000 customers, including about 60% of the Fortune 500. But sometimes we like to give you a peek behind the curtain to share how we protect our own house against cyberattacks – and that’s what this blog is about. Today we’re sharing our experience adopting the supply-chain security framework SLSA, with the hopes that the lessons we learned will be helpful to you.
- Nessus
- Patch Auditing
- SecurityCenter