View Image

Nessus is a complete and very useful network vulnerability scanner which includes high-speed checks for thousands of the most commonly updated vulnerabilities, a wide variety of scanning options, an easy-to-use interface, and effective reporting.

The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and many other features.

With a continuously updated library of more than 60,000 plugins and the support of Tenable’s expert vulnerability research team, Nessus delivers accuracy to the marketplace. Nessus provides multi-scanner support, scales to serve the largest organizations, and is easy to deploy on premise or in the Amazon Web Services (AWS) cloud.

Heartbleed

Tenable Products Provide Strategic Solutions

The significance of CVE-2014-0160, aka Heartbleed, an attack against the transport layer security protocol (TLS/DTLS) heartbeat extension, is well documented. What could use more discussion is what it really takes to find all vulnerable systems in today's networks.

The vulnerability exists in the OpenSSL library, widely used by Linux operating systems, embedded systems and most applications implementing SSL encryption
While you can patch the vulnerability in your operating system, the vulnerable library can be built into the application, as it is with OpenVPN and other applications which must also be patched
The vulnerability can present itself in any service which implements SSL, allowing it to exist in services other than HTTPS (port 443), including email, instant messenger, and many other common (and uncommon) services and applications
Once you’ve patched the vulnerability on all of the systems and services you’ve discovered, it can easily be re-introduced if someone installs a vulnerable application or embedded system that has not yet been patched (or an older version where the vulnerability exists).

Through a comprehensive set of plugins and dashboards delivered within hours of the discovery of this vulnerability, Tenable customers were able to identify risk from Heartbleed across a wide variety of infrastructure, systems, and applications.

Nessus Perimeter Service

If you are concerned with your Internet facing systems, particularly your web sites or VPN connections, you may use the same Nessus Heartbleed detection policy wizard to create a schedule for scanning your systems from our remote, cloud-based vulnerability scanner, the Nessus® Perimeter Service™.

Nessus Perimeter Service can be used to check for the for the Heartbleed vulnerability using one or more of the following three settings:

Quick – limited to searching for ports/services that are known to use OpenSSL;
Normal – searches for the vulnerability on the Nessus default set of ports; or
Thorough – performs a comprehensive sweep of all 65K ports and detects use of SSL.

Nessus Perimeter Service allows for unlimited scanning of unlimited IP addresses and will help you discover where SSL communications that rely on OpenSSL are entering into your network, and whether they are vulnerable to the heartbeat attack.

PVS – Passive Scanning

For those hard to reach places, Tenable’s Passive Vulnerability Scanner™ (PVS™) can sniff the network and identify hosts vulnerable to the “Heartbleed” attack.

PVS is a powerful tool for finding Heartbleed and other vulnerabilities which may escape some traditional detection methods. By passively monitoring network traffic, PVS detects server and client vulnerabilities, applications, and connections.

As a data source for SecurityCenter Continuous View™, or as an individual subscription installation, PVS provides valuable insight into Heartbleed and other OpenSSL issues. Shown is a sample report displayed in the PVS web interface.