Security Testing: Vulnerability Management with Nessus

Fix the flaws in your network before attackers can find them. Learn how to use Nessus, the network automated vulnerability scanner, to detect and resolve system vulnerabilities.

Introduction

• Managing vulnerabilities with Nessus
• What you need to know

1. Setting Up Nessus

• Nessus editions
• Installing Nessus Manager on Linux
• Installing Nessus Manager on Windows
• Accessing the Nessus console

2. Creating a Vulnerability Management Program

• What is vulnerability management?
• Identify scan targets
• Scan frequency

3. Configuring and Executing Vulnerability Scans

• Scan configuration
• Scan perspective
• Scanner maintenance
• Vulnerability Scanning Tools

4. Remediating Vulnerabilities

• Report scan results
• Prioritize remediation
• Create a remediation workflow
• Barriers to vulnerability remediation

5. Analyzing Scan Results

• SCAP
• CVSS
• Interpreting CVSS scores
• Analyzing scan reports
• Correlating scan results

6. Common Vulnerabilities

• Server vulnerabilities
• Endpoint vulnerabilities
• Network vulnerabilities
• Virtualization vulnerabilities
• Industrial control systems
• Understanding cross-site scripting
• Preventing SQL injection

Conclusion

• Next steps