New Nessus Vulnerability Modifications Now Available
Nessus now provides the ability to modify vulnerability findings in scan results. These new granular vulnerability modification options combined with other recent enhancements, including the ability to email actionable reports at the completion of a scan, enhance the power of Nessus for daily vulnerability management.
The vulnerability modification settings provide Nessus users with the ability to change the severity of findings, or hide them completely for a single host, a single scan, all future scans, or a specific time period. Nessus users may wish to modify vulnerability finding for a variety of reasons, including:
- The vulnerability may be mitigated without patching.
- The value or exposure of the vulnerable asset may require a higher or lower vulnerability rating.
- The finding may be a false positive from a non-credentialed scan.
- Time may be needed to remediate a vulnerability in production systems.
Configuration
To modify a finding from an existing report, click the “Modify” button in the upper-right corner of the report details section:
Nessus users can now choose to modify the vulnerability’s severity or hide the result:
The modification can be applied to the existing report or all future reports, or the change can be set to expire on a specified date. Setting an expiration date is useful for allowing time for remediation of known issues while ensuring the findings are automatically restored to the appropriate severity after the specified remediation period.
If the modification is made from the "Hosts" section of the report, it can be applied to a single host or to all hosts.
Modifications can also be added, removed, or edited through the new "Results Settings" section under the "Configuration" tab:
Managing the ability to edit scan results is performed as it has been for the existing ability to delete specific findings. The "Allow Post-Scan Report Editing" checkbox in the "Policy General Settings" tab allows Nessus users to enable or disable vulnerability modification:
Nessus plugin ID #19506, Nessus Scan Information, reports whether post-scan editing is enabled for the current results:
Conclusion
Nessus ProfessionalFeed, Perimeter Service, and HomeFeed users can immediately take advantage of the new modification features. If you have any questions, please visit the Tenable Support Portal or pose a question on the Tenable Discussions Forum.
Related Articles
Study: Tenable Offers Fastest, Broadest Coverage of CISA's KEV Catalog
October 23, 2023Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable.
Tuning Network Assessments for Performance and Resource Usage
September 13, 2022Using the correct tool for the job and optimizing scanner placement will have a large impact on scan efficiency with Nessus, Tenable.io and Tenable.sc.
Terrascan Joins the Nessus Community, Enabling Nessus To Validate Modern Cloud Infrastructures
May 17, 2022The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.
Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security
November 1, 2024Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.
FY 2024 State and Local Cybersecurity Grant Program Adds CISA KEV as a Performance Measure
October 31, 2024The CISA Known Exploited Vulnerabilities (KEV) catalog and enhanced logging guidelines are among the new measurement tools added for the 2024 State and Local Cybersecurity Grant Program.
Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates
October 25, 2024Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
- Nessus