Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Nessus Scan Report (Top 5)

by Josef Weiss
May 20, 2014

Vulnerability scanning and reporting are essential steps in evaluating and improving the security of a network. By knowing which vulnerabilities affect hosts on the network, security teams can coordinate their mitigation efforts more effectively. Nessus provides vulnerability scan information and SecurityCenter Continuous View (SecurityCenter CV) has the ability to monitor and report on scan data from Nessus.

The Nessus Scan Report [Top 5] presents extensive data about vulnerabilities detected on the top five most vulnerable hosts on the network. The report can be especially useful to security teams that are new to SecurityCenter CV but are familiar with the format and content of reports generated by Nessus. Security teams can use this report to easily identify vulnerabilities and the affected hosts on their network.

Only information about the vulnerabilities detected on the top five most vulnerable hosts are included. Limiting the scope will allow the report to be focused on areas of particular concern and make the report more manageable to review. The top five most vulnerable hosts are determined by vulnerability score. The vulnerability score for a host is computed by adding up the number of vulnerabilities at each severity level and multiplying by the severity score. The default severity scores at each level are:

  • Info – 0
  • Low – 1
  • Medium – 3
  • High – 10
  • Critical – 40

Severity scores for Low, Medium, High and Critical can be configured for each organization by an administrator.

The chapters in this report provide both a high-level overview and an in-depth analysis of the vulnerability status of the network. Charts are used to illustrate the ratio of vulnerability severities as well as list the most vulnerable hosts by vulnerability score. An iterator is used to provide detailed information on each host scanned. For each host, the IP address, DNS name, NetBIOS name, MAC address, repository, vulnerability total and last scanned time are listed. A severity summary of each host shows how many vulnerabilities of each severity level impacts that host. Vulnerability information on the top 5 hosts listed, including plugin ID, plugin name, plugin family, severity, protocol, port, exploitability, host CPE, plugin text, first discovered and last seen times. Security teams can use this data in order to identify vulnerabilities in their network and tailor their mitigation efforts accordingly.

This report is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards and assets. This report can be easily located in the SecurityCenter Feed under the category Threat Detection & Vulnerability Assessments. The report requirements are:

  • SecurityCenter 4.8.2
  • Nessus 6.11.2

SecurityCenter CV provides continuous network monitoring, vulnerability identification, risk reduction and compliance monitoring. Nessus is continuously updated with information about advanced threats, zero-day vulnerabilities and new types of regulatory compliance configuration audits. By integrating with Nessus, SecurityCenter CV provides the most comprehensive view of network security data.

The following chapters are included in this report:

Executive Summary: This chapter provides an overview of the results of Nessus scans.

Vulnerabilities by Host: This chapter uses an iterator to list scanned IP addresses and present detailed information about vulnerabilities detected on each.

Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.