Archive for August, 2013

Nessus Parser v19

August 12th, 2013 8 comments

Version 19 of the Nessus parser is here. There are a few features I am really excited about. Listed below are all the newly added features.

1. CPE report
2. Added Plugin Family Mobile Devices
3. Added Plugin Family Oracle Linux Local Security Checks
4. Added Plugin Family Scientific Linux Local Security Checks
5. Added CVSS Score Data
6. Added CVSS Total Score

The features I think are really exciting, are the CPE and CVSS related features.

First there is a new table with all the CPE’s found during the scan. The CPE’s can help you identify systems with specific software or hardware configuration. This is a great tool to help with software inventory.

The second item is the addition of CVSS information to the vulns tabs.

The third really neat feature allows you to use the CVSS score to assess risk. On the new “CVSS Score Total” tab there is a row for each IP address and the sum of each CVSS for critical, high and medium severities. To allow the analysts to assign risk levels there is a multiplier for each severity level. By changing the value in each multiplier, you effect the over all score assigned to each address.

Categories: Nessus Tags: , ,