Recently Viewed Topics
Scan and Policy Templates
Scan and policy templates appear when you create a scan or policy. Templates are provided for scanners and agents.
Tip: You can use the search box in the top navigation bar to filter templates in the
The templates that are available may vary. The Nessus interface provides brief explanations of each template in the product. This documentation includes a comprehensive explanation of the settings that are available for each template. Additionally, the tables on this page list the templates that are available in Nessus and the settings available for those templates.
Note: If a plugin requires authentication or settings to communicate with another system, the plugin is not available on agents. This includes, but is not limited to:
- Patch management.
- Mobile device management.
- Cloud infrastructure audit.
- Database checks that require authentication.
Scanner Templates
| Template |
Description |
Settings | Credentials | Compliance/SCAP |
|---|---|---|---|---|
| Advanced Scan |
Scans without any recommendations. |
All | All | All |
| Audit Cloud Infrastructure |
Audits the configuration of third-party cloud services. |
Report: Output |
Cloud Services |
AWS Microsoft Azure Rackspace Salesforce.com |
| Badlock Detection |
Performs remote and local checks for CVE-2016-2118 and CVE-2016-0128. |
Basic: General, Permissions Discovery: Port Scanning Assessment: General, Windows, Malware Advanced: Debug Settings |
None |
Unix Unix File Contents Windows Windows File Contents |
| Bash Shellshock Detection |
Performs remote and local checks for CVE-2014-6271 and CVE-2014-7169. |
Discovery: Scan Type Assessment: Web Applications Report: Output |
None | |
| Basic Network Scan |
Performs a full system scan that is suitable for any host. For example, you could use this template to perform an internal vulnerability scan on your organization's systems. |
Discovery: Scan Type Assessment: General, Brute Force, Web Applications, Windows Advanced: Scan Type |
None | |
| Credentialed Patch Audit |
Authenticates hosts and enumerates missing updates. |
Discovery: Scan Type Assessment: Brute Force, Windows, Malware Advanced: Scan Type |
None | |
| DROWN Detection |
Performs remote checks for CVE-2016-0800. |
Discovery: Scan Type Report: Output Advanced: General, Performance, Debug |
None | None |
| Host Discovery |
Performs a simple scan to discover live hosts and open ports. |
Discovery: Scan Type Report: Output |
None | None |
|
Intel AMT Security Bypass |
Performs remote and local checks for CVE-2017-5689. |
Basic: General, Schedule, Notifications Discovery: Scan Type Report: Output |
|
|
| Internal PCI Network Scan |
Performs an internal PCI DSS (11.2.1) vulnerability scan. |
Discovery: Scan Type Assessment: General, Brute Force, Web Applications, Windows Advanced: Scan Type |
SSH | None |
| Malware Scan |
Scans for malware on Windows and Unix systems. Note: See the Application, Malware, and Content Audits video and the Application, Malicious Software, and Content Audits video for more information about scanning for malware in Nessus. |
Discovery: Scan Type Assessment: Malware Report: Output Advanced: Scan Type |
SSH | None |
| MDM Config Audit |
Audits the configuration of mobile device managers. |
Report: Output |
Mobile | Mobile Device Manager |
| Mobile Device Scan |
Assesses mobile devices via Microsoft Exchange or an MDM. |
Advanced: Debug |
None | |
| Offline Config Audit |
Audits the configuration of network devices. |
Report: Output Advanced: Debug |
None |
Adtran AOS Bluecoat ProxySG Brocade Fabricos Check Point Gaia Cisco IOS Dell Force10 FTOS Extreme ExtremeXOS Fireeye Fortigate Fortios HP Procurve Huawei VRP Juniper Junos Netapp Data Ontap Sonicwall Sonicos Watchguard |
| PCI Quarterly External Scan |
Performs quarterly external scans as required by PCI. |
Discovery: Host Discovery Advanced: Scan Type |
None | None |
| Policy Compliance Auditing |
Audits system configurations against a known baseline. |
Discovery: Scan Type Report: Output Advanced: Scan Type |
All |
|
| SCAP and OVAL Auditing |
Audits systems using SCAP and OVAL definitions. |
Discovery: Host Discovery Advanced: Scan Type |
SSH |
Unix (SCAP) Unix (OVAL) Windows (SCAP) Windows (OVAL) |
|
Shadow Brokers Scan |
Scans for vulnerabilities disclosed in the Shadow Brokers leaks. |
Discovery: Scan Type Report: Output |
None |
|
| Spectre and Meltdown | Performs remote and local checks for CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754. |
Discovery: Scan Type Report: Output |
None | |
|
WannaCry Ransomware |
Scans for the WannaCry ransomware. |
Discovery: Scan Type Report: Output |
None |
Agent Templates
| Template |
Description |
Settings | Credentials | Compliance/SCAP |
|---|---|---|---|---|
|
Advanced Agent Scan Note: When you create an agent scan using the Advanced Agent Scan template, you must also select the plugins you want to use for the scan. |
Scans without any recommendations. |
Discovery: Port Scanning Assessment: General, Windows, Malware Advanced: Debug |
None |
Unix Unix File Contents Windows Windows File Contents |
| Basic Agent Scan |
Scans systems connected via Nessus Agents. |
Discovery: Port Scanning Advanced: Debug |
None | None |
| Malware Scan |
Scans for malware on systems connected via Nessus Agents. Note: See the Application, Malware, and Content Audits video and the Application, Malicious Software, and Content Audits video for more information about scanning for malware in Nessus. |
Discovery: Port Scanning Advanced: Debug |
None | None |
| Policy Compliance Auditing |
Audits systems connected via Nessus Agents. |
Discovery: Port Scanning Report: Output Advanced: Debug |
None |
Unix Unix File Contents Windows Windows File Contents |