What’s New in Nessus 6.6
Highlights of this release include new workflow changes in Nessus Cloud, new platforms for Nessus Agents and scanners, new Docker and Openstack configuration audits and new malware scanning on file systems.
Nessus Cloud Workflow Changes
In Nessus Cloud, you’ll see changes to how you set up scans, manage agents and view results. In the above example, you can see that scan templates are now organized in tabs. Learn more in this blog article or if you’re a current customer, log in to the Customer Support Portal and click the “Training Videos” link to watch recorded videos of these and other changes.
Expanded Operating System Support
In Nessus 6.6, Nessus Agents now support Windows 10 and Debian 8. In addition, Nessus Professional and any Nessus scanners you're running also support Windows 10 and Debian 8/Kali 2.0.
Configuration Auditing for Docker
Nessus can now audit Docker host(s) and containers. Nessus 6.6 ships with support for CIS audits for Docker and also includes several updates in the Nessus plugin feed that allows users to find and secure Docker installs.
Configuration Auditing for OpenStack
Nessus 6.6 also adds support for auditing OpenStack environments. Nessus now provides recommendations to harden OpenStack deployments based on the OpenStack Security Guide and more.
Expanded Malware Scanning
With Nessus 6.6, malicious file detection is expanded to now scan directories of files on disk. You choose or supply directories you want to scan and Nessus will report any malware or suspicious files discovered in the scan.
- On OS X, Nessus can consume 100% CPU when compiling plugins and not finish
- Ignore empty notification filters when building queries
- Settings for shared scans cannot be updated by a user with 'Can Configure' permissions.
- Per-host licensing restrictions incorrectly being applied to Host Discovery scans
- Add policy and scan template for Badlock
- Clarify UI wording regarding Nessus licenses for offline activation
- Fixed condition where spurious “decrementReference” errors were being logged to nessusd.dump
- Nessus Cloud UI Enhancements - improved workflow and dashboards
- Nessus Cloud no longer supports Internet Explorer 10 and under
- Nessus Agents now support running on Windows 10 and Debian 8
- Nessus Professional, Nessus Manager, and managed Nessus scanners now support running on Windows 10, Debian 8, and Kali 2.0
- Added the ability to detect malware on the filesystem
- Add the "Internal Network PCI Scan" template to Nessus Cloud
- Upgrade Nessus certificates to SHA-256
- Custom compliance audit info not showing in API call showing policy details
- Various related to Agent/Manager comms with IPv6 available
- Scan name missing from email subject and report on emailed Nessus Agent scan results.
- Upgrade from 5.2.12 to 6.5 breaks a Host Discovery scan
- Don't unlink Windows Agent during upgrade if linked
- Fixes for IPv6-related issues on scanners
- Agents can link to manager via /etc/hosts entry, but will not receive scan jobs
- Nessus SYN scanner doesn't respect port rules
- Debian/Ubuntu init script status returning incorrect error code when Nessus is stopped.
- Remote scanners don't update based on update commands issued on status page in Nessus Manager
- Submitting API request for PUT /policies with invalid format will incorrectly return HTTP OK (Status code 200)
- Offline Config Audit filenames not saving correctly after being changed
- Update Host Discovery templates to only use accounts specified in policy by default
- Plugin 46215 Inaccurate Output from Agent Scans
- XSS via import of malicious Nessus DB file
- Nessus server crash via XML entities processing bomb.
- Aliasing additional IP Addresses results in Nessus agents reporting incorrect IP
- TCP Port Scans not working in Nessus Cloud