Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

New in Nessus 6.4

The Nessus® 6.4 release includes a number of new capabilities, including Nessus Agent operating system support expanding to CentOS, OS X and Red Hat Enterprise Linux.

Nessus Agents are available to Download.

Additional New Features

Rackspace Public Cloud Configuration Audits

Configuration auditing in the Rackspace public cloud ensures systems, networks, and accounts are correctly configured and not potential entry points for attackers. The goal of this audit is to provide a snapshot of the Rackspace infrastructure at a given point of time. Information such as running systems, the network, and account management and pulled from the Rackspace public cloud to provide this snapshot.

CyberArk Enterprise Password Vault Support

This support will save time in both adding and updating credentials in Nessus. Nessus supports both Windows (domain/username + password) and SSH (username + password; username + ssh key (w/o password)) credential types and works with CyberArk Digital Vault, v7.x, v8.x and v9.0.

Deeper integration with MobileIron and AirWatch MDM systems

Nessus 6.4 provides more in-depth MDM data so you can better protect mobile assets. New metrics available include identifying new mobile devices connecting to the network as well as mobile devices that haven’t connected in a designated time period. A single Nessus audit file provides all this information, making it very efficient to identify and report on mobile vulnerabilities.

Reintroduction of the ability to import Nmap XML results into Nessus

For customers that already use Nmap for port scanning and want to easily import their Nmap results into Nessus, this is a useful feature if Nmap was run first and you already have the output from this tool and want to apply the results to your vulnerability scan. This capability was previously available through the use of a plugin that was not supported by Nessus v6.

Scan Copy

This new feature allows you to copy pre-existing, configured scans, and make modifications to the new copied scan, while still having the original scan and its configuration unchanged.

API Keys (an Access Key and a Secret Key)

Now used to authenticate with the Nessus REST API (version 6.4 or greater) and passed with requests using the “X-ApiKeys” HTTP header.

Changelog

Changelog - 6.4.3

Bug Fixes

  • Fix issue with non-Admin permissions on Nessus Agent templates and sharing

Changelog - 6.4.2

Bug Fixes

  • Update OpenSSL to 1.0.1p
  • Improved resource management during server reloads
  • Improved host discovery scan performance
  • Fix issue with importing large .nessus files

Changelog - 6.4.1

Bug Fixes

  • Fixed issue where agent may not restart after plugin update.

Changelog - 6.4.0

New Features, Improvements, Platform Support

  • AirWatch MDM Audits
  • MobileIron MDM audit
  • Cloud Services Audit - RackSpace Configuration Assessment
  • Auditing open ports on Linux/Unix
  • Add ability to copy scans
  • Support CyberArk as an External Credential Store in Nessus
  • Import Nmap results into Nessus to seed scan knowledge base
  • Agents for OS X
  • Agents for RHEL
  • Agents for Fedora
  • Allow users to copy Nessus Scans
  • Allow access to Nessus APIs via API tokens
  • Allow filtering scan results by CWE
  • Registration page should include how to get activation code
  • Credentialed Patch Audit Template should add assessment page to handle false positives.
  • Update plugin output host links
  • Allow users to toggle line and bar displays for historical charts
  • Include Nessus build number in version information in UI, properties api
  • Document switches that can be provided to agent installer command line
  • Add support for TLS 1.2 to Nessus
  • Improve efficiency of scan report upload to manager

Bug Fixes

  • Improved compatibility with SecurityCenter for exported policies
  • Improved Scan Dashboard queries
  • Improved Nessus Agent scalability and results display
  • Improved Nessusd stability
  • Improved SSH credential handling
  • Improved differential scan selection
  • Imported scans do not display the correct start and end times
  • Update 'Credentialed Patch Audit' to use only the credentials provided in the policy
  • Scan fragile devices is enabled by default in templates that aren't using a the 'custom' discovery view.
  • Disabling a scan job from the 'Scan' view by selecting the job, clicking more->disable, does not disable the job.
  • Charts are blurry on high-density displays
  • Plugin archives uploaded through the UI fail to install
  • For an expired activation with auto_updates disabled a new activation key will not show in UI as updated.
  • Remote Scanners now honor proxy settings
  • Compliance plugins no longer shown as vulnerabilities
Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, email, community and chat support 24 hours a day, 365 days a year. Full details here.

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.