Software Update: Nessus 10.3.0

Spread the love

Nessus is a security scanner that can scan a network for known exploits and open services. Results can then be in several reports to be displayed. The software can also integrated with other packages, such as CyberArk for credential management and emm solutions from Microsoft, Apple, BlackBerry, MobileIron and VMware. Nessus comes in three different flavours: the free-to-use Home edition, and the paid Professional and Manager editions. Tenable has released Nessus 10.3.0 with the following changes:

New Features

The following are the new features included in Nessus 10.3.0:

  • Added the new Nessus Expert license and the ability to upgrade to Nessus Expert from the user interface.
  • Added new Terrascan scanning features to Nessus Expert.
  • Integrated Bit Discovery into Nessus Expert as a new scan template: Attack Surface Discovery.
    Note: The attack surface discovery scan currently has a limit of discovering 100,000 child domains and displaying 2,500 domain results in the default results view. You can view all the scan results by applying filters. Tenable is working to extend the maximum child domain amount for customers with larger sets of exposed child domains.
  • Updated OpenSSL to support version 3.0.5.
  • Updated Tenable.io-linked scanners to support differential plugin updates.
  • You can now configure trusted certificate authorities (CAs) for individual scans.

Changed Functionality and Performance Enhancements

The following enhancements are included in Nessus 10.3.0:

  • Updated the Nessus NASL compiler to stop when it encounters file errors.

Bug fixes

  • Fixed an issue where ACAS colors would appear incorrectly
  • Fixed an infinite loop issue related to certain HTTP requests.
  • Fixed an RDNS lookup issue that affected some Nessus instances.
    Note: To address this bug, Nessus was modified to use an asynchronous method of reverse DNS lookup. The asynchronous lookup method is unstable in some newer Linux versions, so Nessus instances installed on Linux systems still use the original synchronous lookup method. Most Linux users should use the original synchronous method. However, if the synchronous lookup method causes your scans to stall, you can upgrade to the new asynchronous method by running the following command: nessuscli fix –set rdns.use_asynchronous_lookup.

Version number 10.3.0
Release status Final
Operating systems Windows 7, Linux, BSD, macOS, Solaris, Windows 8, Windows 10, Windows 11
Website Tenable Network Security
Download
License type Freeware/Paid
DiscoveryDNSLinuxOpenSSLPerformanceSoftwareSurfaceWindows