Vulnerability assessments are typically done by running authenticated scans, which means the scanner will authenticate against the systems its scanning. Nessus Professional is used by organisations with big networks. The major difference between the two is that you can only scan up to 16 IP addresses per scanner, and you won’t be able to perform compliance checks and content audits with Nessus Home. It has two versions: Nessus Home and Nessus Professional. Nessus is a vulnerability scanner developed by Tenable. In this blog, I will guide you through the process of performing a VA against your network using Tenable Nessus. However, average home users should also conduct vulnerability assessment against their network. It is recommended that you conduct a VA against your organization’s network every quarter, and if your organization follows certain policy and standards, such as PCI DSS or ISO 27001, VA is a mandate. The results of the scan will show how an application, website or other system is vulnerable, but it doesn’t provide details on what would happen if the vulnerability was exploited. Imagine a burglar looking for and identifying different entrances to your building, but not entering. VA is a process of identifying security vulnerabilities in a system.
If you work in the field of Infosec, you have probably heard of Vulnerability Assessment (VA).
How to run Tenable Nessus tool for Vulnerability Assessment?.