Nessus 5.0 – New Real-time Scanning Options


Tenable Network Security has just released a new version of Nessus. This release brings many improvements: the installation is simplified with a web-based wizard, and configuration is managed through the GUI.

The most important feature of the Nessus scanner is its plugins, which allow it to detect new vulnerabilities. In version 5, Nessus lets you filter plugins by criteria that match your needs: you can select plugins by publication date, by public vulnerability database ID (OSVDB, Bugtraq, CERT Advisory and Secunia), by plugin type (local or remote), and more, so that easily exploitable vulnerabilities can be identified quickly.

This saves a lot of time. For example, if you scanned your systems two weeks ago and want to check them again, you can select only the plugins released since the last scan. When I used Nessus I found it a very fast scanner, so this is a good addition to its functionality. The new real-time scanning option is also important for today's needs: some critical resources must be kept under constant monitoring and risk assessment, and this feature is now included in the options.

Nessus v5.0 now includes five severity levels (Informational, Low Risk, Medium Risk, High Risk and Critical Risk), which helps users understand and assess the risk behind each vulnerability discovered.

[1] Nessus scan screenshot

Many risk managers focus mainly on the reporting features, and this release also brings a number of improvements there, including the following:

  • “Results filtering and report creation: Results filtering and report creation is more flexible than ever before. Users can apply multiple result filtering criteria, and targeted reports can be generated against the filtered results.
    • Create reports that contain only exploitable vulnerabilities, multiple risk levels (e.g., only show critical and high risk findings), filter on CVE or Bugtraq ID, plugin name, and more!
  • Reports customized by audience: Reports can be customized for executives, systems administrators, or auditors. A user can exclude particular vulnerabilities from a report before it is generated, allowing delivery of results targeted to specific audiences.
    • Example: During an internal scan, Nessus will report that a DNS server allows recursive queries, which is its function on the internal network. As this is a known condition, a user can suppress this result in the generated report to keep focus on true vulnerabilities.
  • With four new pre-configured report formats — Compliance Check, Compliance Check (Executive), Vulnerabilities by Host, and Vulnerabilities by Plugin — users can quickly create reports by chapters.
    • Example: The Company’s compliance policy dictates that passwords be greater than ten characters in length. Nessus v5.0 runs a scan against the baseline, and the Compliance Check (Executive) report shows a pass/fail result to indicate if all hosts on the network are compliant with the minimum password length. With pass/fail results, the Compliance Check (Executive) report provides a quick snapshot of the company’s compliance checklist status.” [1]
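To make the filtering described above (plugins newer than the last scan, minimum severity, exploitable only, CVE match, and suppression of accepted findings such as DNS recursion) concrete, here is an added Python example. It is not Nessus code and does not read Nessus output; the `Finding` records, plugin numbers and CVE identifier are constructed placeholders.

```python
from dataclasses import dataclass
from datetime import date

# Severity scale of Nessus 5.0 reports, ordered so levels can be compared.
SEVERITY = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}

@dataclass
class Finding:
    host: str
    plugin_id: int          # hypothetical plugin numbers, not real Nessus IDs
    plugin_name: str
    severity: str
    published: date         # plugin publication date
    exploitable: bool = False
    cve: tuple = ()         # placeholder CVE strings, constructed for this example

def filter_findings(findings, *, since=None, min_severity="Informational",
                    exploitable_only=False, cve=None, suppress_plugins=()):
    """Apply several report filters at once; order of the input is preserved."""
    floor = SEVERITY[min_severity]
    kept = []
    for f in findings:
        if f.plugin_id in suppress_plugins:        # accepted condition, e.g. DNS recursion
            continue
        if since is not None and f.published <= since:   # delta scan: only newer plugins
            continue
        if SEVERITY[f.severity] < floor:           # e.g. only High and Critical
            continue
        if exploitable_only and not f.exploitable:
            continue
        if cve is not None and cve not in f.cve:   # filter on a specific CVE ID
            continue
        kept.append(f)
    return kept

# Constructed sample findings (not real scan results).
SAMPLE = [
    Finding("10.0.0.5", 10001, "DNS server allows recursive queries", "Medium", date(2010, 1, 1)),
    Finding("10.0.0.5", 10002, "Outdated web server version", "High", date(2011, 6, 1),
            exploitable=True, cve=("CVE-0000-0001",)),
    Finding("10.0.0.9", 10003, "Weak remote admin password", "Critical", date(2012, 2, 20),
            exploitable=True),
    Finding("10.0.0.9", 10004, "Service banner disclosure", "Informational", date(2012, 2, 18)),
]
LAST_SCAN = date(2012, 2, 1)   # constructed date of the previous scan

if __name__ == "__main__":
    for f in filter_findings(SAMPLE, since=LAST_SCAN, min_severity="High"):
        print(f.host, f.plugin_id, f.severity, f.plugin_name)
```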

Nessus is one of the important tools to have in your software portfolio if you are going to conduct vulnerability assessment tasks, so be sure to download the free home user version from the official website.

Reference:

 [1] http://blog.tenablesecurity.com/2012/02/nessus-50-released.html
