August 1, 2006
Today, Tenable released two new plugins for Nessus 3 that can audit the configuration of a remote UNIX or Windows system and report which systems are compliant / not compliant with a user-definable security policy.
These plugins differ from typical NASL checks in that they check configuration settings, not vulnerabilities. They are available to any Nessus Direct Feed or Security Center user.
To take advantage of these plugins, you need to define your security policy in an ".audit" file and select it from within a scan policy. The documentation can be found here. There are also tools available to convert a Windows .inf file into an .audit file, or to capture your current Windows configuration as an .audit file. Ron Gula wrote an entry about these checks on Tenable's blog.