Tenable Network Security is a leader in continuous vulnerability scanning and assessment products. Their Nessus vulnerability scanner product line includes Nessus Cloud, a software-as-a-service offering; Nessus Manager, an on-premises solution available as either a physical or virtual machine for vulnerability management; Nessus Professional, software that runs on a customer device such as a PC; and Nessus Home, a free version aimed at consumers.
Tenable, Inc. has created one of the most popular vulnerability scanners on the market, Nessus. It is accessible to organizations of all sizes and provides advanced threat detection, vulnerability scanning, flexibility, and vulnerability management.
Organizations can use Nessus for penetration testing and comprehensive analysis of vulnerabilities across communication channels, online portals, and IT systems.
Tenable helps you Reduce Risk to your Organization
Nessus, the industry-leading vulnerability scanner, has been adopted by thousands of customers globally. It discovers all assets within your organization – including elusive assets such as containers, VMs, mobile, and guest devices – and provides clear and accurate information on their vulnerabilities, prioritizing what needs to be fixed first. Nessus is available as both a cloud-based and on-premises solution for vulnerability scanning and management.
Security Center integrates Nessus scan information into a simple management console. Dashboards and reports highlight what’s most important to know and why allowing you to prioritize remediation efforts. Compliance Report Cards allow you to benchmark and report on your risk and compliance posture.
Nessus Manager
Combines the detection, scanning, and analysis features of Nessus with robust management and collaboration capabilities.
Nessus Cloud
Introduces multi-user support, agent-based scanning, and pre-built integrations to Nessus in an easy-to-deploy cloud-based package.
Nessus Professional
Detects the vulnerabilities, policy-violating configurations, and malware that attackers could use to penetrate your organization.
Features
The Tenable Nessus product line is one of the most comprehensive in the vulnerability management space and has been a trusted presence in the market for many years. In addition to vulnerability scanning of the system with automated scan analysis for remediation prioritization, Nessus includes a web application, cloud environment, and mobile scanning. The Nessus vulnerability scanner family also provides malware detection, scanning of control systems such as SCADA and embedded devices, and configuration reviewing and compliance checks.
The Nessus scanning engine uses modules to detect new vulnerabilities. Tenable pushes modules containing the latest information to customer systems within 24 hours after a vulnerability becomes publicly known. With new vulnerabilities appearing almost daily, customers receive daily module feeds to stay current.
Nessus does not include penetration testing capabilities, but administrators can integrate Nessus scan results with popular penetration testing tools such as Metasploit, Core IMPACT, and Immunity CANVAS to gain insight into risk without the need for exploitation.
Administration & Management
Endpoint agents, which enable offline scanning and collecting of scan results when a mobile device reconnects to the corporate network, can be deployed by administrators of Nessus Cloud and Nessus Manager. The agents also enable Nessus to scan the devices for malware.
Nessus Cloud and Nessus Manager seamlessly integrate with Cyber-Ark for authentication management, with fixed management systems from Dell, IBM, Microsoft, and Red Hat, and with mobile management systems from Air Watch, MobileIron, Apple, Microsoft, and others. All Nessus vulnerability scanner products work with the RESTful API to integrate Nessus into an organization’s overall workflow.
The Nessus console interface and dashboard are designed for usability, allowing administrators to create policies with just a few clicks of a mouse. Administrators can run a variety of preconfigured reports or customize them for their environment, and configure the tool to send targeted email notifications for scan results, remediation actions, and more.
In addition to the Nessus vulnerability scanner line, Tenable also offers Security Center, a unified asset monitoring and vulnerability management analysis control center, and Security Center Continuous View, a monitoring product with real-time threat detection.
- Programming interface
- Access Controls/Permissions
- Movement Dashboard
- Movement Monitoring
- Movement Tracking
- Cautions/Notifications
- Hostile to Spam
- Against Virus
- Review Management
- Review Trail
- Confirmation Software
- Consistency Management
- Information Visualization Software
- Email Alerts
- Occasion Logs
- Occasion Tracking
- Separating
- Firewalls
- HIPAA Compliant
- IT, Server, and Network Monitoring Software
- Occurrence Management Software
- Interruption Detection System
- Checking
- PCI Compliance Software
- Fix Management Software
- Strategy Management Software
- Prioritization
- Ongoing Analytics
- Continuous Data
- Ongoing Monitoring
- Ongoing Notifications
- Constant Reporting
- Distant Monitoring and Management
- Announcing and Statistics
Advanced Threat Detection
Nessus is designed to help organizations stay ahead of threats by continuously monitoring and identifying vulnerabilities. Whether it’s during an upgrade, the addition of new resources, or across mixed environments, Nessus helps organizations identify potential dangers in their networks. With a database of over 55,000 known vulnerabilities and CVEs, Nessus offers advanced threat detection capabilities that keep organizations one step ahead of attackers.
Nessus Professional, designed by security experts for security experts, is the industry-leading solution for vulnerability assessment. It conducts one-time evaluations to help security professionals quickly identify and resolve vulnerabilities, including software flaws, unpatched security holes, malware, and misconfigurations. With features such as pre-built policies and templates, batch scanning capabilities, and real-time updates, Nessus Professional makes vulnerability assessment effortless and intuitive.
Pricing
Conclusion
NessusWeb is a web interface for the Nessus network security scanner, which is freely available for authorized users. It is built using Java Servlets, JSPs, Java Beans, JSSE, and JDBC and provides secure communication, multiple sessions, and centralized management of scan settings and reports. The software package can be found at http://www.cse.sc.edu/~chen7NessusWeb/ and the current version supports the HTML version of the scan report and scan setting report. Future work is focused on providing export options for the scan report in various formats and adding support for advanced security analysis.