The look and feel are the same as since Beta 3 (and earlier Linux / Mac releases).
Main Screen, add hosts, connect to scanner, define scanning policy / type and begin scan.
Add host(s) or subnetworks
Edit scan policy.
And finally...the results!
So, now that you have seen the results and a bit of the options I'll get into it. Overall this is a somewhat useful tool for ad-hoc or verification vulnerability scans. The primary drawbacks are that it will only export to html, nbe and nsr but not txt or xml (both supported by the CLI client). While all plugins have associated CVSS scores, A significant drawback of the NessusClient is that it does not sort or readily display the results based on CVSS scores. This makes it difficult to locate results by score and thereby prioritize.
All being said, this is a good support tool and I would suggest using it in conjunction with something like InProtect that will give you the history and maintain result sets in a manageable and queryable database.
Cheers,
JJC
All being said, this is a good support tool and I would suggest using it in conjunction with something like InProtect that will give you the history and maintain result sets in a manageable and queryable database.
Cheers,
JJC
No comments:
Post a Comment