• Nessus Professional Printer Scans

    I am seeing a lot of outdated posts online from people inquiring about enabling printer scans and trying this out and being told this is a bad idea and can result in a lot of printer related problems. I am not seeing ...
    last modified by jessaraea
  • ESXi - custom audit - Lockdown Mode

    Good morning.   Support pointed me here.   I am trying to set up a custom audit for our ESXi environment.  I have been successful in modifying provided audits for our needs but am getting stuck with t...
    created by ejs2010
  • Nested THEN/ELSE statements

    Hello all,   Just curious if there is a specific way that THEN/ELSE statements must be built and if they can be nested.   Example:   <if>   <condition type:"AND">    ...
    last modified by catsandit
  • Revision control for Nessus scan policies

    Hi community,   is anyone using a sort of revision control for the Nessus scan policies? Our auditors challenge us to make sure that nobody changes the policy and/or scan settings without approval and that scans...
    last modified by mme
  • Nessus 6.11 Windows Policy Compliance Auditing not working

    Is anyone else having issues getting a Policy Compliance Auditing scan template to work with Windows? The problem started with the upgrade to 6.11. Previously, I could select PCA scan template, add the credentials, se...
    last modified by vanwham
  • Cisco WebEx for Firefox?

    Hi, As noticed  Vulnerability “Cisco WebEx for Firefox RCE (cisco-sa-20170124-webex) (Plugin ID - 96907)” keeps showing for the host even though the Firefox extension has been uninstalled, removed th...
    last modified by makenx
  • Potential False Positive for Security and Quality Rollup for .NET Framework (Sep 2017) #103137

    Hi,   The cumulative update for September is listed as the patch for this plugin. I have the patch KB (4038782) installed (Win10 1607) but am still showing up as affected. It appears the files & versions the...
    last modified by hotdonut600
  • Vulnerability Scoring

    Hello,   I have been looking everywhere for the rational used when assigning severity ratings to plugins. I've heard Nessus uses CVSS but I cannot find this documented anywhere. Does anyone have access to this i...
    created by gineok
  • CentOS false positives

    First question - how do I get a Tenable support account? We have a licensed version of Security Center, as well as of LCE, but I can't find where to create my account on the support.tenable.com page so I can add our l...
    last modified by sypsg
  • Scan job #xxxxx is waiting for scanners to become available

    Hi community, I have a problem after I updated SecurityCenter to 5.5.1 (on a RedHat 7) and Nessus Scanner  to 6.11.1 (on a Windows Server 2012). The scanner regularly showing the working status. Plugin updated...
    last modified by a.aluigi
  • Edit .audit files within Security Center

    This may have been asked before, but I'm not able to find an answer on this.   Is it possible to edit .audit files directly from Tenable Security Center?   Right now, I have to: Open the file Make an adj...
    last modified by catsandit
  • Is Nessus support IoT protocol?

    Hello   Is Nessus support IoT protocol? Such like XMPP, CoAP, MQTT  
    created by eklpoaro
  • False Positives SQL 2014 DISA STIG Audit File

    Good Afternoon,   So I'm having issues with the configuration file for SQL 2014, I keep getting false positives according to the Database Administrator. To use SQL4-00-012200 as an example, the output from Securi...
    last modified by playerx2006
  • Is it possible to conduct a credentialed scan of vcenter

    I'm currently using the Vcenter SOAP API in the full safe vulnerability scan. I know the credentials have admin rights to the vcenter console. When the scan completes the Nessus scan information states that the scan w...
    created by kba3294
  • How can we implement a yara rule with import "module" functionality, in Nessus? for ex: import "hash"

    How can we implement a Yara rule with import "module" functionality, in Nessus? for ex: import "hash" Is there any prerequisites which need to be enabled before scanning ?
    last modified by beena
  • When creating a custom port scan, is the Port Scan Range field restricted to a certain amount of characters?

    I am trying to customize the port range to only scan ports that should not be active.  When all ports to be scanned are put end to end the line is 230 characters long and all specified IPs show as dead in the res...
    last modified by andrewbrooks845
  • Apache Struts search

    Hello,   I want to search the estate for the existence of Apache Struts.   If I create a advanced policy and have EVERYTHING disabled but add two or three Apache Struts vulnerabilitiy plugins will this wor...
    last modified by superhoops
  • Excluding Computers w/ Agent from Network Scan

    What is the best way to exclude computers with the Nessus Agent installed from a traditional network-based vulnerability scan?
    last modified by nateut
  • I am failing credential when scanning a Cisco VTC Codec that only uses WEB no SSH.

    We are trying to scan a Cisco VTC Codec that only has Web management.  The scan keeps coming up un-credentialed even though we can login to the device with that specific username and password.
    last modified by bob.bartlett

         ALL                 I have a question concerning Nessus scans. We are doing DISA STIG compliance scans but are ge...
    last modified by jeremykatz