Perform Asset-Specific Tenable Nessus Scan

Tenable Nessus is a tool that scans IT devices to detect vulnerabilities. OT Security enables you to run the Tenable Nessus Basic Network Scan on specific IT assets within your OT network. This is an active full system scan that gathers additional information about vulnerabilities on the servers and network devices. This scan uses the WMI and SNMP credentials, if they are available. This action is only available for relevant PC-based machines. You can access the scan results from the Vulnerabilities page. You can also create customized scans to run a specific set of Tenable Nessus Plugins on a particular set of network assets, see Tenable Nessus Plugin Scans.

Note: Tenable Nessus is an invasive tool which works best in IT environments. Tenable recommends that you do not use it on OT devices, as it may interfere with their normal operation.

To run a Tenable Nessus Scan on specific assets:

  1. Go to Inventory > Network Assets.

    The Network Assets page appears.

  2. Select the checkbox next to the asset or assets you want to scan.

  3. In the upper-right corner, click Actions > Nessus Scan.

    The Approve Nessus Scan dialog box appears.

  4. Click Proceed with Scan.

    OT Security runs the Nessus Scan.