Security consultants can readily meet clients' specific needs and grow their businesses with help from Nessus Professional.
As a cybersecurity consultant, you're in a unique position: You encounter just about every type of cyberthreat out there – and, often enough, find brand-new dangers in the virtual wild.
You need to help protect all of your clients against these growing threats, while also building your business. And in the current economic environment, where cybersecurity is one of the few categories of corporate spending not going down,12 there is still most definitely business out there for the taking.
Every client is different; so are their security needs. Some will be concerned about specific systems, applications, libraries, or vulnerabilities. Others will have broader concerns about the vulnerabilities across their entire network.
With features like dynamic vulnerability scanning, pre-built and custom templates and vulnerability grouping, Nessus Professional from Tenable helps information security consultants save time while meeting each client’s specific needs.
Unique dynamic scans for unique client needs
Nessus Professional allows you to configure scans according to extremely precise criteria as needed through the power of advanced dynamic scanning. This operation allows you to create dynamic plugin filters instead of manually selecting plugins (or families thereof) each time you scan. You can simply jump right to the dynamic criteria you selected – for example, vulnerabilities with high Common Vulnerability Scoring System (CVSS) scores, or new entries to the National Vulnerability Database (NVD) – and go from there. Each time Tenable releases plugins related to that dynamic scan, Nessus automatically updates the related policy accordingly. As complex as you can make the criteria of a dynamic assessment, the process itself is straightforward and delivers the clear results your clients need.
Balancing pre-built and custom templates
Efficiency is critical when you’re managing many different clients. Nessus Professional's template library further allows consultants to quickly run standard scans or tailor assessments to each client as needed.
- To start, you can choose from a variety of pre-built scan templates. Some of these are configured to search for highly specific malware strains and exploits like DROWN, Spectre, Meltdown, WannaCry and Mirai. Others cover broader priorities, such as PCI DSS compliance and basic full-network scans.
- If you need to modify any of those templates for any reason – e.g., to accommodate a client's desire to focus on (or exclude) certain hosts on the network – customization is a breeze. You can even create entirely unique scan policies from scratch when necessary.
Focusing on customer priorities
After completing a scan, you can present the results in the way that makes the most sense for the client’s needs (and your own). By categorizing vulnerabilities per numerous factors – severity level, plugin family, host and so on – you can focus on issues of greatest concern to the client. If certain flaws you uncover are notably less important than others, you can "snooze" them temporarily so that you don't see them in the results.
Building your business with proven results
Your prospective clients may not know much about you, vulnerability assessments or cybersecurity in general. But they do understand results. Leveraging industry-leading coverage and accuracy with Nessus Professional’s versatility, you can serve clients effectively – saving time and money and standing out from competitors in your field.
Want to dig deeper into the ways that Nessus Professional can help your consulting business? We focused on exactly that in our latest whitepaper, “How Security Consultants Win With Nessus” – now available for download.
To experience Nessus Professional for yourself, sign up for a free trial: