As information about new vulnerabilities is discovered and released into the public domain, Tenable Network Security's research team designs plugin updates for Tenable Nessus and the Tenable Passive Vulnerability Scanner to test and monitor for them. These plugins contain logic to enable Nessus and the Passive Vulnerability Scanner to analyze systems and network traffic to identify vulnerabilities. Plugins are distributed to Tenable customers through the Nessus ProfessionalFeed subscription and through Nessus and Passive Vulnerability Scanners managed by Tenable SecurityCenter.    

Tenable Nessus plugins are written in the Nessus Attack Scripting Language (NASL). The Nessus plugins contain vulnerability information, a set of remediation actions and the algorithm to test for the presence of the security issue. In some cases, one plugin may depend on another. Typically, Tenable Network Security will produce plugins for vulnerabilities within 24 hours of its public release. Tenable also attempts to write plugins that detect vulnerabilities through un-credentialed network scanning and plugins that leverage system credentials.

Tenable Passive Vulnerability Scanner plugins are developed simultaneously during Tenable Nessus plugin development such that a vulnerability may be detected with passive network monitoring, a network scan or with a credentialed system audit. 

Tenable’s research team ships plugins with no known false positive or negative conditions. All plugins are tested in an automated test environment. If Tenable Nessus or Tenable Passive Vulnerability Scanner users report any issues with accuracy, description, detection or performance of a plugin, the plugin is analyzed and enhanced, often the same day issues are reported.