A feature of Nessus is being able to configure automated scheduling of scans and to provide automated alerting when new vulnerabilities are detected. Scans may also be intrusive or non-intrusive depending on the organization’s needs.Īsset criticality helps guide decisions about the types of scans performed, the frequency of scans, and prioritization of remediation. On the other hand, credentialed scans may find a greater amount of vulnerabilities inside of the network and should be performed with read-only credentials. These scans can be performed without credentials and will provide insight into what someone scanning from outside of the network may find. It’s a good tool to use in order to become more familiar with a vulnerability scanner, learn how to interpret the results, and use the results to help prioritize remediation of vulnerabilities. Essentials will be good for educators, students or someone just getting into cybersecurity. The other 2 versions are paid versions that come with added features.
Nessus Essentials is what I will be using because it is free and you can scan up to 16 different IP addresses. There are a few different versions of Nessus available for use: Other types of vulnerability scanners include Qualys, Rapid7, and OpenVAS. Nessus by Tenable is a vulnerability scanning tool used to scan networks for known vulnerabilities with a variety of plug-ins.
0 kommentar(er)
