Nessus is a security scanner that can scan a network for known exploits and open services. Results can then be presented in various reports. The software can also be integrated with other packages, such as CyberArk for credential management and EMM solutions from Microsoft, Apple, BlackBerry, MobileIron and VMware. Nessus is released in three flavors: the free-to-use Home edition and the paid Professional and Manager editions. Tenable has released Nessus 8.14.0 in early access with the following changes:
New Features
The following are the new features included in Nessus 8.14.0:
CVSSv2 and CVSSv3 Support: Configurable Severity Base
- You can choose whether Nessus calculates the severity of vulnerabilities using CVSSv2 or CVSSv3 scores by configuring your default severity base setting. When you change the default severity base, the change applies to all existing scans that are configured with the default severity base. Future scans also use the default severity base. For more information, see Configure Your Default Severity Base in the Nessus User Guide.
- You can also configure individual scans to use a particular severity base, which overrides the default severity base for those scan results. For more information, see Configure Severity Base for an Individual Scan in the Nessus User Guide.
- By default, new installations of Nessus 8.14 or later use CVSSv3 scores (when available) to calculate severity for vulnerabilities. Preexisting upgraded installations from earlier than 8.14 retain the previous default of CVSSv2 scores.
VPR Support for Nessus
- Vulnerability Priority Rating (VPR), the output of Tenable Predictive Prioritization, is a dynamic companion to the data provided by the vulnerability's CVSS score, since Tenable updates the VPR to reflect the current threat landscape. VPR helps organizations improve their remediation efficiency and effectiveness by rating vulnerabilities based on severity level – Critical, High, Medium and Low. For more information, see CVSS Scores vs. VPR in the Nessus User Guide.
- You can now view a new tab for scan results, Top Threats by VPR, which displays the 10 most severe vulnerabilities as determined by their VPR score. For more information, see View VPR Top Threats in the Nessus User Guide.
- VPR is a dynamic score that changes over time to reflect the current threat landscape. However, VPR Top Threats reflect the VPR score for the vulnerability at the time the scan was run. To get updated VPR scores for vulnerabilities in a scan, re-run the scan.
- To ensure VPR data is available for your scans, enable plugin updates.
Top 10 Vulnerability Report
- Customers can leverage Nessus Professional reporting capabilities to quickly understand and easily communicate the Top 10 vulnerabilities found in a scan. This helps to identify what vulnerabilities need to be remediated first and eliminates additional work of exporting and manually sending out this information. The report includes:
  - Top 10 Critical Vulnerabilities based on VPR and CVSSv2 or CVSSv3 for that scan.
  - Top 10 High Vulnerabilities based on VPR and CVSSv2 or CVSSv3 for that scan.
  - Most Prevalent Plugins by Number of Hosts by VPR and CVSSv2 or CVSSv3 for that scan.
Apple M1 Chip Support
- Nessus now can be run as a native application on the Apple M1 chip without the need of running it in compatibility mode.
New plugin release notes
- Tenable releases Nessus plugins multiple times a day. You can access a list of recently updated plugins directly from Nessus.
Changed Functionality and Performance Enhancements
The following additional enhancements are included in Nessus 8.14.0:
- The Nessus user interface was updated to use more inclusive language.
- Nessus backups now include concatenated certificate container .pem files.
- Nessus was updated to use the latest version of OpenSSL 1.1.1j.
- Fixed an issue where a parent node would show only a limited number of agents when filtering via the user interface. (01171932; Nessus Manager)
- Fixed an issue where a parent node would not show the correct number of host/nodes attached to it. (01151990; Nessus Manager)
- Fixed an issue where group settings would not get honored when linking Windows agents to a clustered Nessus Manager. (01146420; Nessus Manager)
- Fixed an issue where agent scans would get aborted when using a cluster group. (01139329; Nessus Manager)
- Fixed an issue where agent scans would get aborted during plugin updates. (01130429, 01110648; Nessus Manager, managed scanners)
- Fixed an issue where scheduled scans would not fire once a month in Nessus Manager. (00947418; Nessus Manager)
- Fixed an issue where offline Nessus activation was using an HTTP address instead of HTTPS. (01157224; Nessus Professional, managed scanners)
- Fixed an issue where trying an IPv6 address as proxy for managed scanner setup to Tenable.io would cause an error. (01121193; Managed scanners)