The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.
Nessus supports the following types of security audits:
- credentialed and un-credentialed port scanning
- network based vulnerability scanning
- credentialed based patch audits for Windows and most Unix platforms
- credentialed configuration auditing of most Windows, Unix platforms
- robust and comprehensive credentialed security testing of 3rd party applications such as iTunes, JAVA, Skype and Firefox
- custom and embedded web application vulnerability testing
- SQL database configuration auditing
- Cisco Router configuration auditing
- software enumeration on Unix and Windows
- testing anti-virus installs for out-of date signatures and configuration errors
Nessus performs sophisticated remote scans and audits of Unix, Windows and network infrastructures. Nessus discovers network devices and identifies the operating systems, applications, databases and services running on those assets.
Any non-compliant hosts, such as systems running P2P, spyware or malware (worms, Trojans, etc.) are detected and identified. Nessus is capable of scanning all ports on every device and issue remediation strategy suggestions as required.
Nessus includes the ability to perform in-depth web application audits that identify vulnerabilities in custom built applications. Custom web applications can have their operating systems, application and SQL database audited and hardened against a variety of best practice recommendations from CIS and DISA.
Unlike many other security scanners, it does not make assumptions regarding port use, but will detect and test independently. Once the devices are profile and baseline, subsequent scans can determine any changes to those devices.
Nessus provides the data ability to accurately identify inventory and system level configurations. The data, when managed by Tenable’s SecurityCenter, provides system audit reports for regulatory compliance.