Welcome to Tenable Nessus 10.3.x
Last updated: May 26, 2023
If you are new to Tenable Nessus® (formerly known as Nessus), see Get Started with Tenable Nessus.
To get started with creating a scan, see Create a Scan.
To create a compliance scan, configure Compliance settings for the scan.
To create a host discovery scan, see Example: Host Discovery.
Tenable Vulnerability Management is a subscription-based license and is available at the Tenable Store.
Tenable Vulnerability Management enables security and audit teams to share multiple Nessus scanners, scan schedules, scan policies and most importantly scan results among an unlimited set of users or groups.
By making different resources available for sharing among users and groups, Tenable Vulnerability Management allows for endless possibilities for creating highly customized work flows for your vulnerability management program, regardless of locations, complexity, or any of the numerous regulatory or compliance drivers that demand keeping your business secure.
In addition, Tenable Vulnerability Management can control multiple Nessus scanners, schedule scans, push policies and view scan findings—all from the cloud, enabling the deployment of Nessus scanners throughout your network to multiple physical locations, or even public or private clouds.
The Tenable Vulnerability Management subscription includes:
- Unlimited scanning of your perimeter systems
- Web application audits
- Ability to prepare for security assessments against current PCI standards
- Up to two quarterly report submissions for PCI ASV validation through Tenable, Inc.
- 24/7 access to the Tenable Community site for Nessus knowledge base and support ticket creation
Tenable Vulnerability Management Product Page
Nessus Professional, the industry’s most widely deployed vulnerability assessment solution helps you reduce your organization’s attack surface and ensure compliance. Nessus features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery, and more.
Nessus supports more technologies than competitive solutions, scanning operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure for vulnerabilities, threats, and compliance violations.
With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable, Inc.’s expert vulnerability research team, Nessus sets the standard for vulnerability scanning speed and accuracy.
Tenable Nessus Expert combines the industry’s most widely deployed vulnerability assessment solution with new features and functionality that are specifically engineered to address the extended modern attack surface. With Nessus Expert you can not only reduce your organization’s IP-based attack surface and ensure compliance, but also identify vulnerabilities and policy violations in Infrastructure as Code (IaC) and identify previously unknown internet-facing assets.
Tenable Nessus Expert supports more technologies than competitive solutions, scanning operating systems, network devices, IaC repositories, hypervisors, databases, web servers, and critical infrastructure for vulnerabilities, threats, and compliance violations.
With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable's expert vulnerability research team, Tenable Nessus Expert sets the standard for vulnerability scanning speed, accuracy, and is the only tool designed to address today’s modern attack surface.
Note:Tenable Nessus Manager is no longer sold as of February 1, 2018. For existing standalone Tenable Nessus Manager customers, Tenable continues to provide service through the duration of your contract. Tenable continues to support and provision Tenable Nessus Manager for the purpose of managing agents.
Nessus Manager combines the powerful detection, scanning, and auditing features of Nessus, the world’s most widely deployed vulnerability scanner, with extensive management and collaboration functions to reduce your attack surface.
Nessus Manager enables the sharing of resources including Nessus scanners, scan schedules, policies, and scan results among multiple users or groups. Users can engage and share resources and responsibilities with their co-workers; system owners, internal auditors, risk and compliance personnel, IT administrators, network admins, and security analysts. These collaborative features reduce the time and cost of security scanning and compliance auditing by streamlining scanning, malware and misconfiguration discovery, and remediation.
Nessus Manager protects physical, virtual, mobile, and cloud environments. Nessus Manager is available for on-premises deployment or from the cloud, as Tenable Vulnerability Management. Nessus Manager supports the widest range of systems, devices and assets, and with both agent-less and Nessus Agent deployment options, easily extends to mobile, transient, and other hard-to-reach environments.
For Tenable Nessus Agent documentation, see the Tenable Nessus Agent User Guide.
Nessus Agents, available with Tenable Vulnerability Management and Nessus Manager, increase scan flexibility by making it easy to scan assets without needing ongoing host credentials or assets that are offline, and enable large-scale concurrent scanning with little network impact.
Tenable Nessus Agents are lightweight, low-footprint programs that you install locally on hosts to supplement traditional network-based scanning or to provide visibility into gaps that traditional scanning misses. Tenable Nessus Agents collect vulnerability, compliance, and system data, and report that information back to a manager for analysis. With Tenable Nessus Agents, you extend scan flexibility and coverage. You can scan hosts without using credentials, and offline assets and endpoints that intermittently connect to the internet. You can also run large-scale concurrent agent scans with little network impact.
Tenable Nessus Agents help you address the challenges of traditional network-based scanning, specifically for the assets where it's impossible or nearly impossible to consistently collect information about your organization's security posture. Traditional scanning typically occurs at selected intervals or during designated windows and requires systems to be accessible when a scan is executed. If laptops or other transient devices are not accessible when a scan is executed, they are excluded from the scan, leaving you blind to vulnerabilities on those devices. Tenable Nessus Agents help reduce your organization’s attack surface by scanning assets that are off the network or powered-down during scheduled assessments or by scanning other difficult-to-scan assets.
Once installed on servers, portable devices, or other assets found in today’s complex IT environments, Tenable Nessus Agents identify vulnerabilities, policy violations, misconfigurations, and malware on the hosts where you install them and report results back to the managing product. You can manage Tenable Nessus Agents with Tenable Nessus Manager or Tenable Vulnerability Management.