Official Website info and features
High-speed discovery
o Networks with less than a hundred hosts can finish in a few minutes
o Can be accomplished with a laptop or medium powered server
o Current version (4) is about ten times faster than version 2
Configuration auditing
Asset profiling
Sensitive data discovery
Vulnerability analysis
Can be distributed
o Throughout entire enterprise
o Inside DMZs
o Across physically separate networks
Supported types of security audits
o Credentialed and un-credentialed port scanning
o Network based vulnerability scanning
o Credentialed based patch audits for Windows and Unix platforms
o Credentialed configuration auditing of most Windows and Unix platforms
o Robust and comprehensive credentialed security testing of 3rd party applications
o Custom and embedded web application vulnerability testing
o SQL database configuration auditing
o Software enumeration on Unix and Windows
o Testing anti-virus installs for out-of-date signatures and configuration errors
Types of scans
o Ad-hoc scanning
o Daily scans
Can be used for quick-response audits
Can be used in conjunction with Tenable Network Security’s Security Center for added
benefits
o Vulnerability recommendations can be sent to responsible parties
o Remediation can be tracked
o Security patches can be audited
o Multiple Nessus scanners can be used for credentialed scans of specific asset
groups
o Associate specific types of credentials with specific asset groups
o Leverage multiple distributed Nessus scaaners
o Found data provides system audit reports for regulatory compliance
Agentless Audits
o Rapidly deploy scanners
o No need for patching agents
o Creates a flexible environment that is not dependent on target-specific agents
Can make use of Microsoft Windows Domain, Unix Secure Shell keys, or SNMPv2
Community strings for IT audits
Can make use of NTLM hash
If you provide credentials, Nessus can determine
o Missing security patches (exact list) and vulnerable system settings
o Compliant and non-compliant configuration settings
o Presence of sensitive data
o Misconfigurations
Can be configured to test
o IP address ranges
o DNS
o MAC addresses
Can continuously scan network devices
o Save time identifying vulnerabilities as they arise
Scan systems without needing admin credentials
Can test using exploit techniques
Scans and audits Unix, Windows, and network infrastructures
Discovers network devices
Identifies
o Operating systems
o Applications
o Databases
o Services
o Non-compliant hosts
P2P systems
Spyware
Malware
Can scan all ports on every device
Can issue remediation strategy suggestions as required
Can perform in-depth web application audits
o For custom web applications
Identify vulnerabilities
Operating systems, applications, and SQL databases can be audited and
hardened against a variety of best practice recommendations from CIS and
DISA
Doesn’t make assumptions regarding port use
o Will detect and test independently
Once devices are profile and baseline, subsequent scans can determine any changes
Accurately identify inventory and system level configurations
Licensing info
o Free for personal use
o Commercial use must purchase a ProfessionalFeed subscription to
Scan network(s)
Obtain support
Get updates
ProfessionalFeed Notes
$1,200 per year per Nessus scanner
Has a deal with ImmunitySec and DSquare to combine ProfessionalFeed, Canvas, and
DSquare Exploitation pack as one combined offer
o For Pen-testers
Subscribers get immediate access to
o Access to the newest Nessus plugins upon release
o Perform an unlimited amount of complete PCI-DSS compliance audits
o Perform web application audits of custom and embedded applications to test for
Cross site scripting
SQL injection
More
o Conduct operating system, application, and SQL database configuration audits
against the following standards
CERT
CIS
DISA STIGs
GLBA
HIPAA
NIST SCAP FDCC
NSA
PCI
o Conduct content audits such as adult content, personally identifiable information,
corporate spreadsheets, and more
o SCADA vulnerability checks to detect and audit Control System devices
o Virtual Appliance
Nessus 4 VMware Virtual Appliance
Works with VMware ESX, Server, Workstation, and Fusion
o Support
Free subscriptions for charitable organizations and classrooms that provide vulnerability
scanning instructions
Security Center Notes
Can be used in conjunction with Nessus
o Full life-cycle vulnerability and configuration management
o Organizations can
communicate recommendations to responsible parties
Track remediations
Verify security patches and required configurations
Provides continuous, asset-based security and compliance monitoring
Unifies these processes
o Asset discovery
o Vulnerability detection
o Data leakage detection
o Event management
o Configuration auditing
Priced based solely on the number of active IP addresses being managed
Can use Security Center on the Virtual Appliance
Can be deployed on a dedicated and hardened hardware appliance
Create lists of computers and resources based on what’s known or what’s discovered
o Can be static or dynamic
Created based on results of vulnerability data
Every Security Center user receives a list of assets
o This is for them to do security procedures on