Audit Downloads

Download All Compliance Audit files

Download all the audit files that are shipped with Nessus and Tenable.IO in one zip file.

Antivirus Audit Policies

Audit policies designed to allow users to determine if an antivirus package is installed and set to a working state.

CIS Compliance Audit Policies

CIS certified configuration audit policies for Windows, Solaris, Red Hat, FreeBSD and many other operating systems.

Sensitive Content Audit Policies

Audit policies that look for Credit Cards, Social Security numbers and many other types of sensitive data.

Database Audit Policies

Only Tenable Nessus subscribers and SecurityCenter customers have access to the database checks. This page contains Nessus .audit files that can be used to examine hosts to determine specific database configuration items. Database configuration checks utilize SQL 'select' statements as described in the Nessus Compliance Check documentation.

Configuration Audit Policies

Audit policies based on CERT, DISA STIG, NSA, GLBA and HIPAA standards.

PCI Audit Policies

Audit policies developed by Tenable to test AIX, HP-UX, Linux, Solaris and Windows systems for minimum required PCI configuration settings.

Virus Detection Audit Policies

Audit policies that Tenable's Research group has produced that scan for known trojans and rootkits.

Network, Mobile, Virtualization, and Cloud Infrastructure

Audits for Network Equipment (routers, switches, firewalls) and Virtualization infrastructure (VMware, Hyper-V, XenServer).

Windows Audit Policies

Audit policies based upon standard Microsoft security templates.

Compliance Checks Tools

Download compliance check policy tools and documentation.

Tenable Application Audit Policies

Audit policies that examine hosts to determine if Tenable software applications exist and notifies of the presence and state of these packages.

SCAP-based Audit Policies (FDCC/USGCB, NIST, and DISA STIG)

Audit policies that perform NIST FDCC/USGCB and DISA STIG SCAP configuration audits. These audit files test for the required settings specified by the DISA STIG SCAP and NIST FDCC/USGCB programs.