Back to onboarding indexTenable Nessus Expert onboarding portal
Nessus Expert basics and getting started
Leverage these key resources and events to hit the ground running and stay informed of the latest product updates and releases.
Major onboarding steps
To get started with Nessus Expert, follow the steps below.
- 1 Prepare
- 2 Install and configure Nessus Expert
- 3 Create and configure scans
- 4 View and analyze scan results
- 5 Create a report and export findings
- 6 Refine Nessus settings
- 7 Set up web app scanning
- 8 Create an external attack surface discovery scan
- 9 Set Up Infrastructure as Code (IaC) scanning
Ensure that your setup meets the minimum system requirements and obtain your activation code for Nessus Expert.
Resources:
Tenable Nessus can be installed on Windows, Linux, macOS, or Raspberry Pi. It can also be deployed as a Docker image. Follow the installation steps depending on your Tenable Nessus software and operating system and perform the initial configuration steps.
Resources:
Run a host discovery scan to identify assets on your network. Then, create a vulnerability scan by selecting a scan template and configuring the scan to meet your needs. Finally, launch the scan.
Resources:
View and analyze scan results, manage vulnerabilities and scan folders, and create a scan report or export.
Resources:
- Docs: View and analyze scan results
- Demo: Review Basic Network Scan Results
- Video: Comparing scan results
Create a scan report to help you analyze the vulnerabilities and remediations on affected hosts. You can create a scan report in PDF, HTML, or CSV format, and customize it to contain only certain information.
Resources:
Adjust scan settings to address warning messages and monitor scan health.
Resources:
- Docs: Refine Tenable Nessus settings
- Video: Measuring scan success
While Tenable Nessus itself is installed directly on the host operating system, the web scanner portion of Tenable Nessus Expert is installed as a Docker image on the same host. The web application scanner cannot run if the host does not have Docker installed.
Resources:
You can use Tenable Nessus's integration with Bit Discovery to create an attack surface discovery scan. This scan type allows you to scan top-level domains and generate DNS records based on the scan findings. Tenable Nessus Expert allows you to scan up to five different licensed domains.
Resources:
Terrascan is a static code analyzer for Infrastructure as Code (IaC). Companies most commonly use Terrascan in automated pipelines to identify policy violations before they provision insecure infrastructure.
Resources:
Major Onboarding Steps
To get started with Tenable Nessus Expert, follow the steps below.
Ensure that your setup meets the minimum system requirements and obtain your activation code for Tenable Nessus Expert.
Resources:
Tenable Nessus can be installed on Windows, Linux, macOS, or Raspberry Pi. It can also be deployed as a Docker image. Follow the installation steps depending on your Tenable Nessus software and operating system and perform the initial configuration steps.
Resources:
Run a host discovery scan to identify assets on your network. Then, create a scan by selecting a scan template and configuring the scan to meet your needs. Finally, launch the scan.
Resources:
View and analyze scan results, manage vulnerabilities and scan folders, and create a scan report or export.
Resources:
- Docs: View and analyze scan results
- Demo: Review Basic Network Scan Results
- Video: Comparing scan results
Resources:
Adjust scan settings to address warning messages and monitor scan health.
Resources:
- Docs: Refine Tenable Nessus settings
- Video: Measuring scan success
While Tenable Nessus itself is installed directly on the host operating system, the web scanner portion of Tenable Nessus Expert is installed as a Docker image on the same host. The web application scanner cannot run if the host does not have Docker installed.
Resources:
You can use Tenable Nessus's integration with Bit Discovery to create an attack surface discovery scan. This scan type allows you to scan top-level domains and generate DNS records based on the scan findings. Tenable Nessus Expert allows you to scan up to five different licensed domains.
Resources:
Terrascan is a static code analyzer for Infrastructure as Code (IaC). Companies most commonly use Terrascan in automated pipelines to identify policy violations before they provision insecure infrastructure.
Resources:
Best practices
Use these Best practices to get the most from your investment and set the foundation for becoming a power user:
- Utilize the Tenable vulnerability priority rating (VPR) to prioritize the remediation of the highest risk vulnerabilities first.
- The scan or policy’s Credentials page allows you to configure the Tenable Nessus scanner to use authentication credentials during scanning. Configuring credentials allows Tenable Nessus to perform a wider variety of checks that result in more accurate scan results.
- You can compare two scan results to see differences between them. This comparison is not a true differential of the two results; it shows the new vulnerabilities that Tenable Nessus detected between the older baseline scan and the newer scan. Comparing scan results helps you see how a given system or network has changed over time. This information is useful for compliance analysis by showing how vulnerabilities are being remediated, if systems are patched as Tenable Nessus finds new vulnerabilities, or how two scans may not be targeting the same hosts.
- Use the Live Results feature to view scan results for new plugins based on a scan's most recently collected data, without running a new scan. Live Results allow you to see potential new threats and determine if you need to launch a scan manually to confirm the findings.