Friday, October 10, 2008

Not Your Father's Nessus

Like many, I have used Nessus time and time again to scan networks for vulnerabilities. I just had my eyes completely opened to all of the capabilities that Nessus has grown to accommodate. I had the opportunity to attend Tenable Network Security's Enterprise Security Monitoring and Compliance Auditing courses this past week. In the words of Kung Fu Panda, Nessus is full of "awesomeness and handsomeness".

Once you purchase Nessus' Professional Feed you can audit your network for compliance against tons of standards. I now have a really good appreciation of how one can really fine-tune Nessus. Nessus can add value to any consultant in the auditing, compliance, or pentesting arena. I'm not joking the auditing this was awesome. Having looked at other auditing solutions I can tell you you can not beat the price.

The course also covered Tenable's Security Center, Log Correlation Engine, and the Passive Vulnerability Scanner. Together all these this would be a welcome addition on any enterprise. Knowing the roots of Tenable and where Nessus is now it was very inspiring as a small business owner. I highly recommend their courses to Security personnel.


One tip from the course if you haven't tried it before.

Try out the filter button on your completed scans on the Nessus client. It's kind of new.

No comments:

Post a Comment