100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace
Cybersecurity

Nessus

By Tenable

IntermediateTool585 learners

Nessus is a widely used vulnerability scanning tool developed by Tenable that identifies security weaknesses, misconfigurations, and missing patches across networks, servers, and applications.

Definition

Nessus is a widely used vulnerability scanning tool developed by Tenable that identifies security weaknesses, misconfigurations, and missing patches across networks, servers, and applications.

Overview

Nessus is one of the longest-running and most widely deployed Vulnerability Assessment tools in the security industry. It scans hosts, network devices, and applications against a continuously updated plugin database covering known vulnerabilities, mapping findings to identifiers such as CVE (Common Vulnerabilities and Exposures) so teams can prioritize remediation. A scan typically checks for outdated software, missing patches, weak configurations, default credentials, and compliance deviations against benchmarks like CIS or PCI DSS. Results are ranked by severity, helping security teams focus limited remediation effort on the highest-risk issues first. Nessus is commonly used both by internal security teams for continuous vulnerability management and by external assessors during Penetration Testing engagements. Originally released as an open-source project in the late 1990s before becoming a commercial Tenable product, Nessus now underpins Tenable's broader vulnerability management platform, Tenable.io, and remains a standard tool taught in security operations and offensive security training such as Offensive Security & Penetration Testing.

Key Features

  • Continuously updated plugin database covering thousands of known vulnerabilities
  • Maps findings to CVE identifiers and severity scores
  • Supports compliance auditing against CIS, PCI DSS, and other benchmarks
  • Scans networks, hosts, web applications, and cloud infrastructure
  • Credentialed and non-credentialed scanning options
  • Detailed remediation guidance for identified issues
  • Integrates with broader vulnerability management workflows

Use Cases

Routine vulnerability scanning as part of a security operations program
Pre-audit compliance checks against regulatory frameworks
Supporting penetration testers with initial reconnaissance and scoping
Identifying missing patches across large server fleets
Validating remediation after previously found vulnerabilities are fixed
Assessing new systems before they are placed into production

Frequently Asked Questions