[%=Heading.Level1%] ([%=Tenable.Nessus%] [%=Nessus.Version%])

uses the following default encryption for storage and communications.

Function	Default Encryption
Storing user account passwords	SHA-512 and the PBKDF2 function with a 512-bit key
Storing user and service accounts for scan credentials, as described in Credentials	AES-128
Scan results and scan exports	AES-128
Communications between and clients (GUI/API users)	TLS 1.3 (fallback to TLS 1.2 or earlier, as configured) with the strongest encryption method supported by and your browser or API program
Communications between and	TLS 1.3 (fallback to TLS 1.2 if forced by the environment)
Communications between and the plugin update server	TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384
Communications between and the product registration server	TLS 1.2 with ECDHE-RSA-AES256-GCM-SHA384