Tenable Nessus Professional has been the most recognized and trusted vulnerability scanner in the industry for years. Over that period, technology has advanced and the attack surface has expanded.

That’s why Tenable introduced Tenable Nessus Expert, a solution that builds upon that legacy by becoming the first vulnerability assessment solution designed for the modern attack surface.

With Nessus Expert, you can continue to take advantage of the industry’s most trusted vulnerability assessment solution for traditional IT infrastructure, but now you can also address new areas of the modern attack surface.

Nessus Expert is able to identify internet-connected subdomain assets that may be unknown, unsecured and unmonitored. It also enables you to scan cloud infrastructure as code (IaC) repositories to identify security weaknesses before pushing them to production where they are harder, and more expensive, to fix.

Let’s take a deeper look at some of the capabilities you will gain and how you can benefit from upgrading your Nessus Professional licenses to Nessus Expert.

Gain Visibility into Internet-Connected Assets

Organizations often lack visibility into their assets that are connected to the internet. It might be a developer site they had no idea about, a decommissioned staging site that mistakenly remained online, or a virtual server spun up for troubleshooting purposes but left connected. Unknown and unmonitored, these assets are often used by threat actors to launch attacks deeper into the organization’s network. With Nessus Expert you will be able to:

Discover internet-connected assets that were previously unknown to the organization.
Identify all domains and subdomains that make up the organization’s external-facing attack surface.
Gain a contextual understanding of these assets by understanding their ports, secure socket layer (SSL) details and domain name system (DNS) information.
Understand the risk these assets pose by easily kicking off vulnerability assessment scans for those newly identified assets.
Scan up to five domains every 90 days to understand all your associated subdomains.

Upgrade Benefits

Nessus Expert simplifies the analysis and reporting capabilities by using a single product to assess traditional IT, IaC and EASD assets. Specifically:

External Attack Surface Discovery

Continually discover and build an inventory of internet-connected assets that were previously unknown to the organization
Easily kick off vulnerability scans to determine the risks those assets pose to the organization

Infrastructure as code (IaC) Scanning

Establish guardrails in automated GitOps and CI/CD processes that ensure secure deployments with minimal effort
Prevent misconfigurations and vulnerabilities from reaching cloud instances
Prevent the downtime and additional costs and resources associated with remediating code after deployment
Future-proof your investment because Nessus Expert will always be the main focus when it comes to new functionality in Nessus.

Upgrade to Nessus Expert here

Secure Cloud Infrastructure Before Deployment

Reliance on the cloud and infrastructure as code (IaC) to streamline development lifecycles has become a key part of every organization’s business. Yet, developers often aren’t following security best practices before pushing cloud instances to production, which increases risk. If unknown vulnerabilities are pushed into production, taking the environment down in order to remediate them will disrupt business continuity or force the organization to take on more risk. Nessus Expert will enable you to:

Take a proactive approach to performing vulnerability assessment for cloud workloads.
Scan IaC repositories to programmatically detect cloud infrastructure misconfigurations and vulnerabilities in the design and build phases of the software development lifecycle.
Leverage 500 prebuilt policies for IaC scanning.
Scan for disruptive and costly vulnerabilities before code is deployed.
Prevent misconfigurations and vulnerabilities from reaching cloud instances.
Prevent the downtime and additional costs and resources associated with remediating code after deployment.

Ease of Upgrade

You can easily upgrade to Nessus Expert when you renew your existing Nessus Professional license by applying the Nessus Expert license key to your existing Nessus Professional installation. There is no need to do a fresh install of Nessus and it enables you to keep all of your previous scans and schedules.

Benefits of Upgrading to Nessus Expert

As was stated above, with Nessus Expert, you can continue to take advantage of the industry’s most trusted vulnerability assessment solution for traditional IT infrastructure, but now you can also address new areas of the modern attack surface.

Many internet-facing assets are often unknown to an organization, left unsecured and are a favorite staging platform for deeper attacks by cyber adversaries. Cloud instances that utilize infrastructure as code (IaC) are focused on ease of use, not security, and are very expensive to remediate once in production.

With Nessus Expert, you can address these two new areas of the modern attack surface with the industry’s gold standard for vulnerability assessment. A summary of benefits relating to the modern attack surface follows:

Discover internet-connected assets that were previously unknown to the organization.
Kick off vulnerability assessment scans for those newly identified assets.
Scan up to five domains every 90 days to understand all associated subdomains.
Establish a proactive approach to vulnerability assessment for cloud workloads.
Prevent misconfigurations and vulnerabilities from reaching cloud production instances.
Leverage 500 prebuilt policies for IaC scanning.

Want to learn more about Nessus Expert? Fill in this form and we will contact you.

First Name*

Last Name*

Email Address*

Company*

Job Title*

Business Phone*

Country*

Do you have a specific question?

Yes, I'd like to receive news, promotions and other marketing-related content from Arrow ECS.