Welcome to Nessus 10.4.x
Last updated: March 20, 2023
If you are new to Nessus®, see Get Started with Nessus.
To get started with creating a scan, see Create a Scan.
-
To create a compliance scan, configure Compliance settings for the scan.
-
To create a host discovery scan, see Example: Host Discovery.
Nessus Solutions
Tenable.io
Tenable.io is a subscription-based license and is available at the Tenable Store.
Tenable.io enables security and audit teams to share multiple Nessus scanners, scan schedules, scan policies and most importantly scan results among an unlimited set of users or groups.
By making different resources available for sharing among users and groups, Tenable.io allows for endless possibilities for creating highly customized work flows for your vulnerability management program, regardless of locations, complexity, or any of the numerous regulatory or compliance drivers that demand keeping your business secure.
In addition, Tenable.io can control multiple Nessus scanners, schedule scans, push policies and view scan findings—all from the cloud, enabling the deployment of Nessus scanners throughout your network to multiple physical locations, or even public or private clouds.
The Tenable.io subscription includes:
- Unlimited scanning of your perimeter systems
- Web application audits
- Ability to prepare for security assessments against current PCI standards
- Up to 2 quarterly report submissions for PCI ASV validation through Tenable, Inc..
- 24/7 access to the Tenable Community site for Nessus knowledge base and support ticket creation
Nessus Professional
Nessus Professional, the industry’s most widely deployed vulnerability assessment solution helps you reduce your organization’s attack surface and ensure compliance. Nessus features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery, and more.
Nessus supports more technologies than competitive solutions, scanning operating systems, network devices, hypervisors, databases, web servers, and critical infrastructure for vulnerabilities, threats, and compliance violations.
With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable, Inc.’s expert vulnerability research team, Nessus sets the standard for vulnerability scanning speed and accuracy.
Nessus Expert
Nessus Expert combines the industry’s most widely deployed vulnerability assessment solution with new features and functionality that are specifically engineered to address the extended modern attack surface. With Nessus Expert you can not only reduce your organization’s IP-based attack surface and ensure compliance, but also identify vulnerabilities and policy violations in Infrastructure as Code (IaC) and identify previously unknown internet-facing assets.
Nessus Expert supports more technologies than competitive solutions, scanning operating systems, network devices, IaC repositories, hypervisors, databases, web servers, and critical infrastructure for vulnerabilities, threats, and compliance violations.
With the world’s largest continuously updated library of vulnerability and configuration checks, and the support of Tenable's expert vulnerability research team, Nessus Expert sets the standard for vulnerability scanning speed, accuracy, and is the only tool designed to address today’s modern attack surface.
Nessus Manager
Note:Nessus Manager is no longer sold as of February 1, 2018. For existing standalone Nessus Manager customers, Tenable continues to provide service through the duration of your contract. Tenable continues to support and provision Nessus Manager for the purpose of managing agents.
Nessus Manager combines the powerful detection, scanning, and auditing features of Nessus, the world’s most widely deployed vulnerability scanner, with extensive management and collaboration functions to reduce your attack surface.
Nessus Manager enables the sharing of resources including Nessus scanners, scan schedules, policies, and scan results among multiple users or groups. Users can engage and share resources and responsibilities with their co-workers; system owners, internal auditors, risk and compliance personnel, IT administrators, network admins, and security analysts. These collaborative features reduce the time and cost of security scanning and compliance auditing by streamlining scanning, malware and misconfiguration discovery, and remediation.
Nessus Manager protects physical, virtual, mobile, and cloud environments. Nessus Manager is available for on-premises deployment or from the cloud, as Tenable.io. Nessus Manager supports the widest range of systems, devices and assets, and with both agent-less and Nessus Agent deployment options, easily extends to mobile, transient, and other hard-to-reach environments.
Nessus Agent
For Nessus Agent documentation, see the Nessus Agent User Guide.
Nessus Agents, available with Tenable.io and Nessus Manager, increase scan flexibility by making it easy to scan assets without needing ongoing host credentials or assets that are offline, and enable large-scale concurrent scanning with little network impact.
Nessus Agents are lightweight, low-footprint programs that you install locally on hosts to supplement traditional network-based scanning or to provide visibility into gaps that traditional scanning misses. Nessus Agents collect vulnerability, compliance, and system data, and report that information back to a manager for analysis. With Nessus Agents, you extend scan flexibility and coverage. You can scan hosts without using credentials, and offline assets and endpoints that intermittently connect to the internet. You can also run large-scale concurrent agent scans with little network impact.
Nessus Agents help you address the challenges of traditional network-based scanning, specifically for the assets where it's impossible or nearly impossible to consistently collect information about your organization's security posture. Traditional scanning typically occurs at selected intervals or during designated windows and requires systems to be accessible when a scan is executed. If laptops or other transient devices are not accessible when a scan is executed, they are excluded from the scan, leaving you blind to vulnerabilities on those devices. Nessus Agents help reduce your organization’s attack surface by scanning assets that are off the network or powered-down during scheduled assessments or by scanning other difficult-to-scan assets.
Once installed on servers, portable devices, or other assets found in today’s complex IT environments, Nessus Agents identify vulnerabilities, policy violations, misconfigurations, and malware on the hosts where you install them and report results back to the managing product. You can manage Nessus Agents with Nessus Manager or Tenable.io.