New Nessus Vulnerability Modifications Now Available
Nessus now provides the ability to modify vulnerability findings in scan results. These new granular vulnerability modification options combined with other recent enhancements, including the ability to email actionable reports at the completion of a scan, enhance the power of Nessus for daily vulnerability management.
The vulnerability modification settings provide Nessus users with the ability to change the severity of findings, or hide them completely for a single host, a single scan, all future scans, or a specific time period. Nessus users may wish to modify vulnerability finding for a variety of reasons, including:
- The vulnerability may be mitigated without patching.
- The value or exposure of the vulnerable asset may require a higher or lower vulnerability rating.
- The finding may be a false positive from a non-credentialed scan.
- Time may be needed to remediate a vulnerability in production systems.
Configuration
To modify a finding from an existing report, click the “Modify” button in the upper-right corner of the report details section:
Nessus users can now choose to modify the vulnerability’s severity or hide the result:
The modification can be applied to the existing report or all future reports, or the change can be set to expire on a specified date. Setting an expiration date is useful for allowing time for remediation of known issues while ensuring the findings are automatically restored to the appropriate severity after the specified remediation period.
If the modification is made from the "Hosts" section of the report, it can be applied to a single host or to all hosts.
Modifications can also be added, removed, or edited through the new "Results Settings" section under the "Configuration" tab:
Managing the ability to edit scan results is performed as it has been for the existing ability to delete specific findings. The "Allow Post-Scan Report Editing" checkbox in the "Policy General Settings" tab allows Nessus users to enable or disable vulnerability modification:
Nessus plugin ID #19506, Nessus Scan Information, reports whether post-scan editing is enabled for the current results:
Conclusion
Nessus ProfessionalFeed, Perimeter Service, and HomeFeed users can immediately take advantage of the new modification features. If you have any questions, please visit the Tenable Support Portal or pose a question on the Tenable Discussions Forum.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
Cybersecurity Snapshot: Many Employees Overshare Work Info with AI Tools, Report Finds, as ‘Cybersecurity Awareness Month’ Kicks Off
October 4, 2024Check out the best practices cyber agencies are promoting during Cybersecurity Awareness Month, as a report warns that staffers are feeding confidential info to AI tools. Meanwhile, a study highlights how business decisions can derail OT security. Plus, get the latest on Active Directory security, CISO salary trends and ransomware attacks!
How to Unlock Advanced IoT Visibility for Cyber-Physical Systems
October 1, 2024As the number of IoT devices deployed globally continues to rise, cyber-physical systems and business operations are exposed to greater risk. Improving asset visibility, monitoring and risk management are critical steps to preventing breaches.
Cybersecurity Snapshot: NIST Program Probes AI Cyber and Privacy Risks, as U.S. Gov’t Tackles Automotive IoT Threat from Russia, China
September 27, 2024A new NIST program will revise security frameworks like NIST’s CSF as AI risks intensify. Plus, the U.S. may ban cars with Russian and Chinese IoT components. Meanwhile, the CSA adds AI insights to its zero trust guide. And get the latest on cybersecurity budgets, SBOMs and the Ghost cybercrime platform!
- Nessus