Review: Tenable Nessus 3

By

Nessus is one of the granddaddies of vulnerability scanners. Today, Nessus is not only a powerful open source product in its own right, it is the basis for some of the most powerful commercial vulnerability scanners available.

For: Strengths: The most widely supported scanner in the world, powerful active scan capabilities and high value as an open source product.
Against: Weaknesses: Requires Security Center for best results, can be tricky to implement initially.
Verdict: Verdict: The most widely used active scanner, both as a standalone product and as a scan engine for other commer

Review: Tenable Nessus 3
We reviewed Nessus in order to assess the current state of the product. What we found was that Nessus in its Linux incarnation is, largely, a powerful scan engine. It works most effectively in the company of other products, such as the Tenable Security Center.

The MS Windows version (NeWT) of Nessus has now become Nessus 3 for Windows. Sporting a new version of NASL (the Nessus vulnerability description language), Nessus 3 is considerably faster and more efficient than its predecessor.

Nessus is the most widely supported vulnerability scanner in the world as far as we know. With about 13,000 individual vulnerability checks, Nessus draws heavily on the open source community.

The Nessus documentation is very good and there are lots of additional documents available from non-Tenable sources.

Nessus 3 is a free download, but Tenable’s Direct Feed plug-in service costs US$1,200 per year, a real bargain. If Nessus is added to the Security Center, the Direct Feed is included at no charge.

There are two situations in which you would want to use Nessus 3. The first is as part of a Tenable Security Center implementation. It is, obviously, the active scanner of choice in that case. The second is as an additional scanner. Many vulnerability test experts recommend using more than one scanner to account for false positives.

Nessus 3 in its native configuration as a standalone scanner can be installed on Linux platforms and accessed from an open source Windows client. Thus, you can place Nessus scan engines at strategic points on the enterprise and run them from a single Windows console. We found, however, that the most power comes from using Nessus with the Security Center. Recommended.

Tenable Nessus 3 has been rated Recommended by SC Magazine.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
assessmentsecurityvulnerability

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
Victoria's Secret pulls down website amid security incident

Victoria's Secret pulls down website amid security incident
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?