Upload
ngonga
View
233
Download
0
Embed Size (px)
Citation preview
Nessus Professional Vulnerability Scanner Nessus Professional, the industry’s most widely deployed vulnerability assessment solution helps you reduce your organization’s attack surface and ensure compliance. Nessus features high-speed asset discovery, configuration auditing, target profiling, malware detection, sensitive data discovery, and more.
Nessus supports more technologies than competitive solutions, scanning operating systems, network devices, next generation firewalls, hypervisors, databases, web servers, and critical infrastructure for vulnerabilities, threats, and compliance violations.
With the world’s largest continuously-updated library of vulnerability and configuration checks, and the support of Tenable’s expert vulnerability research team, Nessus sets the standard for vulnerability scanning speed and accuracy.
Nessus allows the user to sort and filter vulnerability findings using over 20 different criteria. Severity ratings can be customized and the remediation summary provides actionable
results.
Nessus Features Reporting and Monitoring Flexible reporting: Customize reports to sort by vulnerability or host, create an
executive summary, or compare scan results to highlight changes Native (XML), PDF (requires Java be installed on Nessus server), HTML and
CSV formats
Targeted email notifications of scan results, remediation recommendations and
scan configuration improvements
Scanning Capabilities Discovery: Accurate, high-speed asset discovery
Scanning: Vulnerability scanning (including IPv4/IPv6/hybrid networks) Un-credentialed vulnerability discovery Credentialed scanning for system hardening & missing patches Meets PCI DSS requirements for internal vulnerability scanning
Coverage: Broad asset coverage and profiling Network devices: firewalls/routers/switches (Juniper, Check Point, Cisco,
Palo Alto Networks), printers, storage
Nessus has been deployed by more than one million users across the globe for vulnerability, configuration and compliance assessments.
Complete Vulnerability Coverage: Virtualization & cloud
Malware & botnets
Configuration auditing
Web applications
Key Benefits Reduce the attack surface: Prevents attacks
by identifying vulnerabilities that need to be
addressed
Comprehensive: Meets the widest range of
compliance and regulatory standards
Scalable: Start with a Nessus Professional
single user license and move to Nessus
Manager or Nessus Cloud as your
vulnerability management needs increase
Low total cost of ownership (TCO):
Complete vulnerability scanning solution for
one low cost
Constantly updated: New content
continually being added by the Tenable
research team
For More Information: Please visit local representative Contact Us: Please email us at [email protected]
www.e-spincorp.com or visit e-spincorp.com contact us
Copyright © 2015. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trad emarks of Tenable Network Security, Inc. SecurityCenter Continuous View and Passive Vulnerability Scanner are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners. EN -0513 2015 -V 6
The Nessus Advantage Customers choose Nessus because it o�ers:
� Highly -accurate scanning with low false positives � Comprehensive scanning capabilities and features � Scalable to hundreds -of-thousands of systems � Easy deployment and maintenance � Low cost to administer and operate
� O�ine con�guration auditing of network devices � Virtualization: VMware ESX, ESXi, vSphere, vCenter,
Microsoft, Hyper -V , Citrix Xen Server � O perating systems: Windows, OS X , Linux, Solaris,
Free BSD, Cisco iOS, IBM iSeries � Databases: Oracle, SQL Server, MySQL, DB2,
Informix/DRDA, PostgreSQL, MongoDB � Web ap plications: Web servers, web services, OWASP
vulnerabilities � Cloud: Scans the con�guration of cloud applications like
Salesforce and cloud instances like A mazon Web Services, Microsoft Azure and Rackspace
� Compliance: Helps meet government, regulatory and corporate requirements
� Helps to enforce PCI DSS requirements for secure con�guration, system hardening, malware detection, web application scanning and access controls
� Threats: Botnet/malicious, process/anti -virus auditing � Detect viruses, malware, backdoo rs, hosts
communicating with botnet -infected systems, known/unknown processes, web services linking to malicious content
� Compliance auditing: FFIEC, FISMA, CyberScope, GLBA, HIPAA/ HITECH, NERC, SCAP, SOX
� Con�guration auditing: CERT, CIS, COBIT/ITIL, DIS A STIGs, FDCC, ISO, NIST, NSA , PCI
� Control Systems Auditing: SCADA systems, embedded devices and ICS applications
� Sensitive Content Auditing: PII (e.g. credit card numbers, SSNs)
Deployment and Management � Flexible deployment: software, hardware, virtual a ppliance
deployed on premises or in a service provider’s cloud. � Scan options: Supports both non -credentialed, remote scans
and credentialed, local scans for deeper, granular analysis of assets that are online as well as o�ine or remote.
� Con�guration/pol icies: Out -of-the-box policies and con�guration templates.
� Risk scores: Vulnerability ranking based on CV SS, �ve severity levels (Critical, High, Medium, Low, Info), customizable severity levels for recasting of risk.
� Prioritization: Correlation with exploit frameworks
(Metasploit, Core Impact, Canvas, and ExploitHub) and �ltering by exploitability and severity.
� Extensible: RESTful API support for integrating Nessus into your existing vulnerability management work�ow.
Training Tenable o�ers training for those who are new to using Nessus and want the knowledge and skills to maximize use of the product, as well as focused topics like compliance auditing for more advanced users. Courses are available on -demand via the Tenable website.
Taking Nessus to the Next Level For organizations that need to achieve team -oriented vulnerability management, the following Nessus solutions are available:
Nessus Cloud Nessus Cloud provides collaboration and centralized administration over multiple scanners in an easy -to-deploy cloud-hosted model . Engage system/network administrators, forensics & incident response teams, risk & compliance, and desktop support in the vulnerability management process. Integrate vulnerability management wit h patch management, mobile device management, and password vaults . Nessus Cloud can also be used to satisfy network scanning requirements for PCI. Nessus Cloud is a PCI -Certi�ed Approved Scanning Vendor (ASV) solution.
Nessus Manager On premises version o f Nessus Cloud features Nessus scanning capabilities, resource sharing and role -based access control for multiple users.
E-SPIN Group of Companies (Business Centre strategic presence across the region)E-SPIN SDN. BHD. (714753-U) (GST No: 001328111616)E-SPIN INTERNATIONAL LIMITED 億轉國際有限公司 (1970945)E-SPIN INTERNATIONAL PTE. LTD. (201312412W)
Malaysia (cover Malaysia & Brunei)No. 21-2, Jalan PJU 8/3B, Perdana Business Centre, Damansara Perdana 47820 Petaling Jaya, SelangorMalaysiaTel: +603 2168 3687, +603 7728 2866, +6012 226 8998 Fax: +603 7725 4757
Hong Kong (cover Hong Kong, Macau, Taiwan, Japan, Korea and International Trade) Hong Kong Island, Room 1104, Crawford House, 70 Queen Road Central, Central, Hong Kong香港中環皇后大道中70號, 卡佛大廈1104室香港Tel: +852 2165 4773 Fax: +852 3182 5473
Singapore (cover Singapore and International Trade)10 Anson Road, #26-10 International Plaza, Singapore 079903Tel: +65 3158 2203 Fax: +65 6338 6311
China (cover Greater China Region, Mongolia)15/F L`Avenue, 99 Xianxia Road, Chang Ning District, Shanghai 200051 China邮编200051 上海市 长宁区 仙霞路99号 尚嘉中心15层中国Tel: +86 21 60577047 Fax: +86 21 61575134
IndonesiaOffice 8, Level 18-A, Jalan Jend Sudirman Kav. 52-53, Sudirman Central Business District (SCBD)Jakarta Selatan, Daerah Khusus Ibukota Jakarta 12190, IndonesiaTel: +6221 2960 8334 Fax: +6221 2960 8335
Philippines (cover Philippines, Guam & Palau)Penthouse Level, Mavenue Building, 7844 Makati Avenue, Makati City, Metro Manila, 1209 PhilippinesTel: +63 (2) 9170256 Fax: +63 (2) 917 0257
Thailand (cover Thailand, Myanmar (Burma) / Indochina - Vietnam, Cambodia & Laos)195 Unit 4703, 47th Floor, Empire Tower, South Sathorn Road, Yannawa, Sathorn, Bangkok 10120Thailandเลขที่ 195 ชั้น 47 ห้องเลขที่ 4703 อาคารเอ็มไพร์ ทาวเวอร์ ถ.สาทรใต้ แขวงยานนาวา เขตสาทร กทม. 10120ประเทศไทยTel: +66 60 002 4168