Tenable Nessus for BeyondTrust (Windows)

Complete the following steps to configure Windows credentialed network scans using BeyondTrust.

Note: BeyondTrust is only compatible with Nessus Manager. It is not compatible with Nessus Professional.


  1. Log in to Nessus.

  2. Click Scans.

  3. Click + New Scan.

  4. Select a Scan Template for the scan type required for your scan. For this example, the Advanced Network Scan template is used.

  5. Enter a descriptive Name and the IP address(es) or hostname(s) of the scan Targets.

  6. Once the Name and Targets are configured, click Credentials.

  7. In the left-hand menu, select Windows.

  8. Click Authentication method.

    A drop-down appears.

  9. Select BeyondTrust.

  10. Configure each field for Windows authentication. See the Credentials section in the Nessus User Guide for detailed descriptions for each field option.

  1. Click Save.
  2. To verify the integration is working, click Launch to initiate an on-demand scan.

  3. Once the scan has completed, select the completed scan and look for the corresponding message - Microsoft Windows SMB Log In Possible: 10394. This validates that authentication was successful.