Software Update: Nessus 8.2.0

Nessus is a security scanner that can scan a network for known exploits and open services. Results can then be displayed in various reports to be displayed. The software can also integrated with other packages, such as CyberArk for credential management and MDM software from Microsoft, Apple, MobileIron and AirWatch. Nessus comes in three different flavors: the free-to-use Home edition, and the paid Professional and Manager editions. Tenable has released Nessus 8.2.0 with the following changes:

New Features

The following are the new features included in the Nessus 8.2.0 Release:

• Scanner Health Page: We recently completed our 4th annual Tenable INIT conference, where each year teams assemble for creative problem solving and a bit of fun. This new capability is a direct output of that event. The Scanner Health page is the first step to providing users scanner information, including real-time insight into health and performance data on a local scanner.
  Examples of details a user can view include host stats; memory and CPU usage as well as application-specific stats including the number of scans running and the number of assets being scanned.
• Nessus Pro/Manager to Tenable.io Migration: For some users, there may come a time when they want to move to the Tenable.io platform. For those users, we have now automated this process. We are allowing customers who are using Nessus Professional or Manager to migrate their configuration easily into Tenable.io.
• Additional improvements include:
  • Exposing additional audit trail configurations to advanced settings.
  • Option to adjust log levels without requiring a restart of the service.

Bug Fixes

• Resolved issue where plugin script timeouts were not working when set to 0.
• Resolved issue where Agents were receiving unexpected 500 Responses when connecting to Nessus Manager.
• Resolved issue where Audit scans were failing in Tenable.io when Asset Isolation was enabled.
• Resolved issue where diff CSV exports in Nessus Manager were blank.
• Resolved issue where large PDF exports were timing out.

Nessus Service Bulletin – Upgrade your Nessus scanners by 1/31/19

As the number of published vulnerabilities grows, so the does the size of the Nessus plugin database. Currently, Nessus scanners are testing for over 100,000 different vulnerabilities. When the size of the plugin database grows beyond 2 GB, older versions of the Nessus scanner engine will no longer be able to compile the plugin database and will be unable to run scans and collect the vulnerability data from the assets in your environment.

We recommend that all customers review the version of Nessus scanners (Tenable.io, Tenable.sc, Nessus Pro) running in their environments. If you are running an affected version, we recommend you upgrade before 1/31/19 to a supported, unaffected version.

Versions Affected:

• Nessus 6.x
• Nessus 7.0 through and including Nessus 7.1.2

Versions Unaffected:

• Nessus versions 7.1.3 and above
• Nessus 8.x

Because compiling the plugin database is a Nessus engine task, all products that use the Nessus engine are affected. This includes scanners managed by Tenable.sc (formerly SecurityCenter), Tenable.io, Nessus Manager as well as Nessus Professional.