Industry Standard for Vulnerability Assessment
Nessus Expert and Professional – Limited resources, limited time, and a constantly evolving attack surface – it’s a challenge for security professionals on the front lines to keep up with attackers.
A quick and easy way to proactively find and fix security vulnerabilities is needed. Nessus® Professional automates point-in-time assessments to help quickly identify and fix security holes, including software flaws, missing patches, malware, and misconfigurations across operating systems, devices, and applications.
Number 1 in accuracy
Nessus has the industry’s lowest false alarm rate with six-sigma accuracy (measured at 32 defects per 1 million scans).
Nessus has the deepest and broadest coverage with over 62,000+ CVEs and over 100 new plugins released every week within 24 hours of vulnerability disclosure.
Nessus is trusted by over 30,000 organizations worldwide, with 2 million downloads. 50% of the Fortune 500 and over 30% of the Global 2000 rely on Nessus technology.
Tenable Research works closely with the cybersecurity community to discover new vulnerabilities and provide insights to help organizations mature their vulnerability assessment practices. Tenable’s zero-day vulnerability team has discovered more than 100 zero-day vulnerabilities over the past three years.
Use Tenable’s Vulnerability Priority Rating (VPR) to prioritize vulnerabilities that pose the greatest risk to your environment. VPR combines Tenable-collected vulnerability data with third-party threat and vulnerability data and analyzes it alongside an advanced data science algorithm developed by Tenable Research. Nessus offers coverage for over 47,000 unique IT assets, including:
network devices (e.g. Cisco, Juniper, HP, F5 and SonicWall)
Custom audit files help verify configuration requirements and compliance standards
With over 157,000 plugins automatically updated in real time, Nessus helps you save valuable time evaluating, investigating, and fixing bugs. To ensure performance and accuracy, plugins are dynamically compiled. This reduces the Nessus plugin database footprint by up to 75% while increasing scanning performance.
Custom plugins allow you to create specific checks to assess the security of applications unique to your organization.
MobileIron and VMware AirWatch to assess mobile devices for security vulnerabilities
operating systems (e.g. Windows, MacOS and Linux)
applications ranging from small driver update tools to complex Office suites
Strengthen your defenses by adding local web application security with Tenable Web App Scanning. Seamlessly integrated with the Security Center user interface, Tenable Web App Scanning identifies and remediates security vulnerabilities across your network and web applications, strengthening your security posture while managing your data.
Built for security practitioners, by security practitioners, Nessus was created with security professionals on the front lines in mind to find and fix vulnerabilities faster and more confidently. UX updates have simplified navigation, making it more intuitive. The new Nessus resource center puts relevant information at users’ fingertips. User guides provide practical tips and advice based on the operations and features they perform.
Ready-made, pre-configured templates for IT and mobile assets, including configuration audits, help you quickly understand where security gaps exist
Create reports based on custom views (e.g. specific vulnerability types, vulnerabilities by host/plugin, by team/client) – in various formats (HTML, CSV and Nessus XML).
Tenable Research works closely with the security community to discover new vulnerabilities and provide insights to help organizations with their vulnerability assessment practices. With over 79,000 vulnerabilities recorded, Tenable has the industry’s most extensive CVEs and security configuration to help understand all threats.
For portability and ease of use, Nessus is now available on the Raspberry Pi. This is especially useful for testers, consultants, and others whose work requires mobility between locations.
Live Results performs an intelligent offline vulnerability assessment with every plugin update—no need to run a scan. Simply log in to see the results of potential vulnerabilities based on your scan history. With a single click, you can run a scan to verify the presence of a vulnerability. Faster, more efficient vulnerability assessment, prioritization, and remediation.
Tenable Nessus Professional has been the most recognized and trusted vulnerability scanner in the industry for years. Over that time, technology has advanced, and the attack surface has expanded. That’s why Tenable introduced Tenable Nessus Expert, the first vulnerability assessment solution designed with the modern attack surface in mind.
With Nessus Expert, you can continue to use the industry’s most trusted vulnerability assessment solution for traditional IT infrastructure while also addressing the emerging areas of the modern attack surface. Nessus Expert can identify internet-connected assets and subdomains that may be unknown, unsecure, and unmonitored. It also allows you to scan cloud infrastructure as code repositories (IaC) to identify security issues before moving them to production, where they are more difficult and expensive to remediate. Web application scanning provides dynamic application security testing (DAST), which provides comprehensive visibility and insight into web application security issues.
