Vulnerability Management with Nessus

Fix the flaws in your network before attackers can find them. Learn how to use Nessus, the network automated vulnerability scanner, to detect and resolve system vulnerabilities.

Introduction

• Managing vulnerabilities with Nessus
• What you need to know

1. Setting Up Nessus

• Nessus editions
• Installing Nessus Manager on Linux
• Installing Nessus Manager on Windows
• Accessing the Nessus console

2. Creating a Vulnerability Management Program

• What is vulnerability management?
• Identify scan targets
• Scan frequency

3. Configuring and Executing Vulnerability Scans

• Scan configuration
• Scan perspective
• Scanner maintenance

4. Remediating Vulnerabilities

• Report scan results
• Prioritize remediation
• Create a remediation workflow
• Barriers to vulnerability remediation

5. Analyzing Scan Results

• SCAP
• CVSS
• Interpreting CVSS scores
• Analyzing scan reports
• Correlating scan results

6. Common Vulnerabilities

• Server vulnerabilities
• Endpoint vulnerabilities
• Network vulnerabilities
• Preventing SQL injection
• Understanding cross-site scripting
• Request forgery
• Overflow attacks
• Code execution attacks
• Privilege escalation
• OWASP Top Ten
• Defending against directory traversal
• Race condition vulnerabilities

Conclusion

• Next steps