Tenable Network Security has announced extended OS support for Nessus Agents to help IT security architects, analysts and system administrators reduce the attack surface and gain visibility into systems that are off-limits or challenging for vulnerability assessments.
Nessus Agents, now with support for Mac OS X and Red Hat/CentOS Linux, address key challenges of traditional network-based scanning, and reduce an organization’s attack surface by scanning assets that are off the network or powered-down during scheduled assessments. They close the scanning gap for laptops and other portable devices that come and go from the network, and remove the need for password updates and ongoing credential management for network assets during vulnerability assessments.
“There are plenty of ways to reduce a company’s attack surface, but with the growing mobile workforce, many organizations still have certain assets that are challenging to include in their vulnerability management program,” said Ron Gula, CEO, Tenable Network Security. “With the expanded coverage of Nessus Agents to systems running Mac and Linux, customers are better equipped to address these hard-to-reach assets, thereby reducing risk and ensuring compliance for customers.”
Once installed on servers, portable devices and other assets found in today’s complex IT environments, Nessus Agents identify vulnerabilities, policy-violating configurations and malware on the hosts where they are installed and report results back to the Nessus server.
"Traditionally, vulnerability assessment technology has relied on a simple ‘best effort’ to use network scanning to assess as many assets as possible,” said Adrian Sanabria, senior security analyst, 451 Research. “Leveraging agent technology enables Tenable to fill this gap and assess systems that don’t respond well to network scans, or are simply not present when network scans occur. An agent approach also scales better than network scans, allowing security analysts to see results much more quickly than would be possible with network-based scanning, even when leveraging multiple distributed scanners."
These rich vulnerability assessment capabilities, combined with the fact that agents are running local on hosts and only sending results across the network, helps companies like Dignity PLC, the UK’s largest provider of funeral-related services, run vulnerability assessments and maintain compliance without overtaxing system resources.
“One of the main reasons we’ve deployed Nessus Agents is to improve scan performance,” said Mandeep Baidwan, security officer, Dignity PLC. “Agents run locally on hosts, which means we can scan more assets, more frequently without adding a load on our network.”
Additional enhancement features of Nessus include:
The ability to perform configuration audits in the Rackspace public cloud to ensure systems, networks and accounts are correctly configured.
Deeper integration with MobileIron and AirWatch MDM systems. Nessus now provides more in-depth MDM data so customers can better protect mobile assets.