Policy Compliance Checks

The Tenable Nessus vulnerability scanner can be used to perform agent-less configuration audits of Unix and Windows systems, applications and SQL databases. If your organization has a configuration policy for server settings or if you wish to audit your systems against public and government best practices from the NSA, CERT and CIS, Nessus can perform these audits for you.

Tenable SecurityCenter and Tenable Nessus ProfessionalFeed Support

The compliance checks for Tenable Nessus are available to Tenable Network Security customers who subscribe to the Tenable Nessus ProfessionalFeed or who have implemented Tenable SecurityCenter. ProfessionalFeed subscribers can run the configuration audits as part of their regular vulnerability scans and patch audits with Nessus. SecurityCenter customers can use specific compliance audits against specific assets. This allows for auditing and reporting of unique assets, such as the HR database servers, email servers, firewalls, Active Directory servers and so on.

PCI Auditing

Tenable Nessus ProfessionalFeed subscribers can perform audits based on the PCI DSS standards, run web application assessments and perform configuration audits of operating systems, applications and SQL databases against minimum PCI recommended standards.

Performing a PCI Scan of a LAMP Server

Tenable offers a variety of complete enterprise solutions covering PCI standards that build upon our additional log analysis, user monitoring and network behavioral profiling solutions. For details read the Auditing Infected Systems for Viruses and Trojans with Nessus post.

Configuration Auditing

Tenable Nessus can perform configuration scans of Unix and Windows servers, applications and SQL databases to test for specific policy settings. Supported configuration audit policies include, but are not limited to:

  • Anti-Virus Vendor Audits 
  • CERT recommendations 
  • CIS best practice guides 
  • DISA STIGs 
  • GLBA guidelines 
  • HIPAA profiles 
  • NIST SCAP and FDCC content 
  • NSA best practice guides 
  • PCI configuration requirements 
  • Recommended vendor settings
  • Cisco Router configurations
  • Cisco Firewall configurations

The types of configuration audits performed by Tenable Nessus include Windows user policies, file permissions, registry permissions, service permissions and specific security policies such as Kerberos and event auditing policies. Windows tests can also include custom WMI queries and scanning for computers that have been infected with viruses and malware. For Unix systems, user policies, file permissions, running processes and file content checks can be audited. SQL audits can detect a wide variety of issues, such as whether various stored procedures have been disabled. These types of audits can be combined to perform tests against thousands of files, registry settings, users and so on. Audits of Cisco routers ensure that authentication, services, SNMP and other settings are hardened to best practice standards.

Content Auditing

The Tenable Nessus vulnerability scanner can also be used to perform agent-less content audits of Windows systems. If your organization has a data leakage or data usage policy, Nessus can perform these audits for you and help identify where this information is located. This helps to audit and enforce policies that lower your organization's risk of breach or data loss.

Tenable Nessus scanners have the ability to log into systems and audit their content for:

  • Adult Content 
  • Credit Cards 
  • Corporate Financial Spreadsheets 
  • Driver's License Numbers
  • Document keywords such as "TOP SECRET" or "CONFIDENTIAL" 
  • Human Resource information such as salaries 
  • Social Security Numbers 
  • And more!

These policies can also be easily extended to support searches for your organization's specific types of data.

Technical Documentation, Tools and Compliance Audit Files

The plugin checks which perform these audits are available through the Tenable Nessus ProfessionalFeed or to Tenable SecurityCenter customers. Documentation about the syntax and use of the compliance checks, tools for automated creation of audit files and access to the currently available audit files is available to Tenable Network Security customers through the Tenable Support Portal. Tenable's Discussion Forums also include conversations and content related to auditing computer systems and applications.
