Nessus is a vulnerability management tool that conducts remote security scans on a network. Security administrators will use nessus to scan devices in the network to discover vulnerabilities. It is a extensible tool that also provides scripting language, so you can write tests specific to your system. It has plugin interface to make it easier for users, is open source, and suggests the best way to mitigate vulnerabilities when found.
Nessus works by testing different ports on machines to determine what services it is running and testing the services to ensure no vulnerabilities exists. It is a great tool for dynamic environment because it does not necessarily have to be installed on endpoints and you only need it on one device. You can schedule security audits, detect vulnerabilities and updates/patches, and use it to meet PCI DSS requirement as well. Nessus can discover assets, identify vulnerabilities, prioritize threats, manage policies, and much more. It’s simple as defining scan parameters, launching the scan, and analyzing the scan.
HansITAcademy 