In-Depth Assessments

The Tenable Nessus® vulnerability scanner performs sophisticated remote scans and audits of UNIX, Windows, and network infrastructures. Nessus discovers network devices and identifies the operating systems, applications, databases, and services running on those assets.

Any non-compliant hosts, such as, systems running P2P, spyware, or common malware (e.g., Conficker, Stuxnet, or hosted malicious executables), are detected and identified. Nessus scans all ports on every device and issues remediation strategy suggestions, as required.

Nessus includes the ability to perform in-depth web application audits that identify vulnerabilities in custom-built applications. Custom web applications can have their operating systems, application, and SQL database audited and hardened against a variety of best practice recommendations from CIS and DISA.

Unlike many other security scanners, Nessus does not make assumptions regarding port use, but will detect and test independently. Once the devices are profiled and baselined, subsequent scans determine any changes to those devices.

Nessus provides the ability to accurately identify inventory and system-level configurations. The data, when managed by Tenable SecurityCenter, provides system audit reports for regulatory compliance.