A family with some plugins disabled is purple and shows Mixed to indicate only some plugins are enabled. Clicking on the plugin family loads the complete list of plugins and allows for granular selection based on your scanning preferences.
The following topic describes how Tenable Nessus receives plugin and software updates based on configuration and license type. Tenable Nessus receives plugin and software updates differently depending on how it is configured during the initial setup.
You can also trigger a manual update by navigating to the Settings > About page and clicking next to the Last Updated section. You can check the current installed plugin set in the same section.
By default, Tenable Nessus receives software updates from downloads.nessus.org automatically. If the following criteria are met, there is a banner at the top of the Tenable Nessus user interface when an update is available:
Tenable Nessus linked to Tenable Vulnerability Management receives software updates from cloud.tenable.com automatically. Tenable Nessus checks in to Tenable Vulnerability Management once every 24 hours for core software updates by default.
Tenable Nessus Agents receive software updates from their Tenable Nessus Manager. Agents check in for core software updates every 24 hours, dependent on when the agent was deployed. If the agent is offline at its usual update time, such as if the agent host is off, it checks for software updates when it comes back online, and that becomes the agent's new update time.
Agents remain without plugin sets until an agent needs plugin sets for scanning. When the agent needs to scan for the first time and the agent does not have plugin sets, the agent downloads the plugin set needed for the requested scan type (this can be the full vulnerability plugin set or the inventory plugin set).
The agent deletes unused plugin sets after a configurable amount of time (for more information, see the days_to_keep_unused_plugins advanced setting).
Tenable Nessus Agents receive software updates from Tenable Vulnerability Management. Agents check in for core software updates every 24 hours, dependent on when the agent was deployed. If the agent is offline at its usual update time, such as if the agent host is off, it checks for software updates when it comes back online, and that becomes the agent's new update time.
Returns a paginated list of Tenable plugins with detailed plugin information. You can filter the list on the value of the last_updated date field. The list is sorted by plugin ID. Note that the last_updated parameter does not take VPR updates into account. See the note in the last_updated parameter description for special considerations.
As a first step you could have a look at the template.nasl attached at VT Development to see how .nasl files are built up in OpenVAS/GVM. Additionally, a search for some existing .nasl files doing something similar to yours in your local plugins folder (described in the linked thread as well) might provide some more insights.
I need to create a Nessus scanning policy for a custom set of plugins (90+), is there an easier way to do this rather than selecting each plugin one-by-one? I know there is an API you can use, but I'm not sure how to use it.
Nessus was originally launched as an open source tool in 1998; its enterprise edition became a commercial product in 2005. Nessus now encompasses several products that automate point-in-time vulnerability assessments of a network's attack surface, with the goal of enabling enterprise IT teams to stay ahead of cyber attackers by proactively identifying and fixing vulnerabilities as the tool discovers them, rather than after attackers exploit them.
Nessus identifies software flaws, missing patches, malware, denial-of-service vulnerabilities, default passwords and misconfiguration errors, among other potential flaws. When Nessus discovers vulnerabilities, it issues an alert that IT teams can then investigate and determine what -- if any -- further action is required.
Nessus is known for its vast plugin database. These plugins are dynamically and automatically compiled in the tool to improve its scan performance and reduce the time required to assess, research and remediate vulnerabilities. Plugins can be customized to create specific checks unique to an organization's application ecosystem.
Nessus contains a feature called Predictive Prioritization, which uses algorithms to categorize vulnerabilities by their severity to aid IT teams in determining which threats are most urgent to address. Each vulnerability is assigned a Vulnerability Priority Rating (VPR), which uses a scale from 0 to 10, with 10 being the highest risk, to rate its severity: critical, high, medium or low. IT teams can also use pre-built policies and templates to quickly find vulnerabilities and understand the threat situation.
Another Nessus feature is Live Results, which performs intelligent vulnerability assessment in offline mode with every plugin update. It removes the need to run a scan to validate a vulnerability, creating a more efficient process to assess, prioritize and remediate security issues.
Nessus also provides the ability to create configurable reports in a variety of formats, including Hypertext Markup Language, comma-separated values and Nessus Extensible Markup Language. Reports can be filtered and customized depending on what information is most useful, such as vulnerability types, vulnerabilities by host, vulnerabilities by client, etc.
Meanwhile, the Nessus packet capture feature enables teams to debug and troubleshoot scanning issues quickly. In this way, it minimizes interruptions and provides continuous protection for the enterprise IT environment.
Nessus provides a fast, user-friendly way to find and fix vulnerabilities in many kinds of IT assets, including cloud-based and virtualized resources. As of April 2023, it covers more than 76,000 Common Vulnerabilities and Exposures. Tenable Research, the cybersecurity research arm of Nessus' manufacturer, maintains and continually updates a library of more than 185,000 plugins that can be used to augment the platform. Plugins contain scripts to identify, remediate and test for the presence of specific vulnerabilities. Tenable releases about 100 new plugins weekly and within 24 hours of vulnerability disclosure. Plugins can be downloaded through the Nessus interface or a web-based catalog.
Nessus provides more than 450 pre-configured templates for commonly used vulnerability scans and configuration audits to simplify use of the platform. For example, the Audit Cloud Infrastructure template can be used to audit the configuration of Amazon Web Services, Google Cloud Platform, Microsoft Azure, Rackspace, Salesforce and Zoom. The interface is easy to navigate and provides a simple set of remediation actions to fix the vulnerabilities and protect the affected system. Teams can also audit configuration compliance against Center for Internet Security benchmarks and other best practices.
Another benefit of Nessus is that it has a low false-positive rate of 0.32 defects per 1 million scans. Too many false positives can overwhelm security teams and lead to alert fatigue, causing legitimate threats to be overlooked.
Finally, Nessus is a highly portable vulnerability scanner, making it a useful tool for security professionals who are required to move between locations. Examples include penetration testers and security consultants.
Nessus is available in two enterprise versions: Professional and Expert. Both offer unlimited IP address scanning and other key features, such as access to an extensive plugin database. Nessus Expert offers a few additional features for organizations with more advanced needs.
The Professional version is ideal for security consultants, security practitioners and pen testers looking for a tool that provides unlimited point-in-time assessments, configurable assessments and live results. This tool can be used anywhere and provides configurable reports that can be used by security teams to understand vulnerabilities and address them.
Nessus Expert fills in these gaps and provides greater breadth and depth of coverage into the enterprise attack surface. Expert includes everything in the Professional version and additional features to address risks outside of traditional IT assets. It does this by assessing all infrastructure-as-code repositories for vulnerabilities before they are pushed to production and by discovering internet-exposed IT assets, including cloud services.
Both versions of Nessus evaluate the severity of various threats using Tenable's VPR tool, a component of Nessus' Predictive Prioritization feature. VPR assigns a score to each finding, based on its potential threat and impact, to identify the vulnerabilities that pose the greatest risk to an organization's IT and internet-facing environments. The goal of VPR is to help IT teams prioritize the vulnerabilities most in need of immediate remediation.
Nessus generates VPR scores after analyzing various sources of raw data -- including threat intelligence feeds, exploit repositories and security advisories -- using machine learning models and comparing that result with the Common Vulnerability Scoring System framework.
The Nessus Attack Scripting Language, usually referred to as NASL, is a scripting language that is used by vulnerability scanners like Nessus and OpenVAS. With NASL, specific attacks can be automated, based on known vulnerabilities.