Tenable just released new version of Nessus. Most changes was made in cloud-based version of their popular scanner – Nessus Cloud. Official screenshots are not available yet, so I made couple of them from the tutorial video. If you’re a current Tenable customer, you can log in to the Tenable Support Portal, click the Training Videos link and watch “Workflow changes in Nessus Cloud 6.6” by yourself.
The most interesting change, in my opinion – the new dashboards. Where you’d normally seen a list of scan jobs, you’ll see a new dashboard, that will give you a quick overview of scan results:
- Changes in number of critical, high, medium and low vulnerabilities detected in the system
- Part of the vulnerabilities that are exploitable, older than 30 days, detected with authenticated scan and has a remediation recommendations
- Top vulnerability detection plugins
Scan results moved to the separate “Scans” tab. And on the same tab we see the “Resources”: Policies, Asset Lists, Exclusions, Scanners and Agents.
As we can see, policy templates now are placed on the separate tabs depending on the type: Scanner, Agent, Web Application and All Templates.
Managing linked (slave) scanners become easier. As we see, scanners can be combined now in a Scanner Groups. Linked Scanners list displays scanner name, status, amount of performed scans, last modification date.
I hope that this useful improvements will appear in Nessus Professional either. Although it’s possible, that Tenable won’t add these make this changes in Nessus Professional, avoiding competition with Security Center and Nessus Manager.
Other features of all Nesus 6.6. releases:
- New supported OS: Windows 10, Debian 8, Kali 2.0.
- New configuration checks for Docker and OpenStack
Hi! My name is Alexander and I am a Vulnerability Management specialist. You can read more about me here. Currently, the best way to follow me is my Telegram channel @avleonovcom. I update it more often than this site. If you haven’t used Telegram yet, give it a try. It’s great. You can discuss my posts or ask questions at @avleonovchat.
А всех русскоязычных я приглашаю в ещё один телеграмм канал @avleonovrus, первым делом теперь пишу туда.
Pingback: Tenable Nessus: registration, installation, scanning | Alexander V. Leonov
Pingback: Tenable Nessus: registration, installation, scanning and reporting | Alexander V. Leonov
Pingback: Qualys Vulnerability Management GUI and API | Alexander V. Leonov
Pingback: New Vulners.com services for Linux Security Audit and Vulnerability Alerting | Alexander V. Leonov
Pingback: Nessus Manager and Agents | Alexander V. Leonov
Pingback: Bye-bye Nessus Cloud, hello Tenable.io | Alexander V. Leonov
Pingback: What’s actually new in Tenable.io VM application | Alexander V. Leonov