
Tenable Nessus Expert onboarding portal

Tenable Nessus Expert Basics and Getting Started

Leverage these key resources and events to hit the ground running and stay informed of the latest product updates and releases.

Major Onboarding Steps

To get started with Tenable Nessus Expert, follow the steps below.

1. Prepare

Ensure that your setup meets the minimum system requirements and obtain your activation code for Tenable Nessus Expert.

2. Install and configure Tenable Nessus Expert

Follow the installation steps for your Tenable Nessus software and operating system, then perform the initial configuration steps.

3. Create and configure scans

Run a host discovery scan to identify assets on your network. Then, create a scan by selecting a scan template and configuring the scan to meet your needs. Finally, launch the scan.

4. View and analyze scan results

View and analyze scan results, manage vulnerabilities and scan folders, and create a scan report or export.

5. Refine Tenable Nessus settings

Adjust scan settings to address warning messages and monitor scan health.

6. Set up web app scanning

While Tenable Nessus itself is installed directly on the host operating system, the web scanner portion of Tenable Nessus Expert is installed as a Docker image on the same host. The web application scanner cannot run if the host does not have Docker installed.

7. Set up Infrastructure as Code (IaC) scanning

Terrascan is a static code analyzer for Infrastructure as Code (IaC). Companies most commonly use Terrascan in automated pipelines to identify policy violations before they provision insecure infrastructure.

8. Create an external attack surface discovery scan

You can use Tenable Nessus's integration with Bit Discovery to create an attack surface discovery scan. This scan type allows you to scan top-level domains and generate DNS records based on the scan findings. Tenable Nessus Expert allows you to scan up to five different licensed domains.

Best practices

Use these best practices to get the most from your investment and set the foundation for becoming a power user:

  • Use the Tenable Vulnerability Priority Rating (VPR) to prioritize the remediation of the highest risk vulnerabilities first.
  • The scan or policy’s Credentials page allows you to configure the Tenable Nessus scanner to use authentication credentials during scanning. Configuring credentials allows Tenable Nessus to perform a wider variety of checks that result in more accurate scan results.
  • You can compare two scan results to see differences between them. This comparison is not a true differential of the two results; it shows the new vulnerabilities that Tenable Nessus detected between the older baseline scan and the newer scan. Comparing scan results helps you see how a given system or network has changed over time. This information is useful for compliance analysis by showing how vulnerabilities are being remediated, if systems are patched as Tenable Nessus finds new vulnerabilities, or how two scans may not be targeting the same hosts.
  • Use the Live Results feature to view scan results for new plugins based on a scan's most recently collected data, without running a new scan. Live Results allow you to see potential new threats and determine if you need to launch a scan manually to confirm the findings.