Nessus is available in both home and professional editions. In this video, learn more about the differences between these editions in functionality, pricing, and licensing requirements.
- [Instructor] Nessus is a product with a long history. It began as an open source project, all the way back in 1998, and quickly became a very popular tool for security scanning. In 2005, Tenable Network Security, the owners of Nessus, changed it from an open-source license, to a closed-source product, and began charging for some uses of the product. Over time, this evolved into Nessus being available in two different editions. The Nessus Home edition, which remains free for use by the security community, and the Nessus Professional edition. The Nessus Home edition is a powerful and great way to learn Nessus. It's what we'll be using in this course. There are a couple of big caveats to the Home edition of Nessus. First, it's licensed for personal and training use only. You can't use the Nessus Home edition in any kind of commercial environment. Second, Nessus Home is limited to scanning 16 IP addresses. You won't be able to scan large networks. If you do plan to use Nessus in a commercial environment, you'll need to purchase a license for Nessus Professional. It's priced on a per-scanner basis, and you'll find current pricing information on the Tenable website. Tenable also offers some other products that build upon Nessus. These include the Tenable Security Center, known as tenable.sc. This product provides you with a dashboard for tracking vulnerabilities across scanners. And tenable.io offers a cloud-based approach to vulnerability scanning, based upon an SS platform. In this course, I'll assume that you're using the standard Nessus product. If you'd like to use the Nessus Home edition for free, you'll need to visit the Tenable website, and fill out the activation code registration form on the Nessus Home page. You'll just need to provide your first and last name, and your email address. And then click the register button. Once you've done that, you'll receive an email containing an activation code that you'll use during the Nessus installation process. You'll also find a link on the next page to the download page for the Nessus Manager. Nessus Manager is the software that you'll install on the server that will be running Nessus scans. As you scroll through this page, you'll find different download files available. They correspond to different versions of Nessus, as well as different operating systems that Nessus can run on.
- Setting up Nessus on Linux and Windows
- Identifying scan targets and frequency
- Configuring vulnerability scans
- Reporting scan results
- Overcoming barriers to vulnerability remediation