- Nikto plugin. Using this plugin, you can automate application assessment across the organization. Its greatest strength is that the results are incorporated into Nessus, so you can present them in the same report as your other vulnerability findings.
- Installed software discovery. One of the challenges we face every day involves identifying and preventing unauthorized software on desktops and servers. Nessus offers multiple plugins to identify installed software and build an inventory of it.
- Wireless SSID discovery. Do you know how many active wireless networks there are in your organization? Even more intriguing, do you know how many of your desktops are associated with a wireless network? This Nessus plugin can identify the active wireless domains for each desktop or laptop in your organization. This is invaluable not only for identifying which devices are susceptible to wireless threats but also for ensuring compliance with your internal policies and with standards like PCI.
- Auditing disabled USB drives. Many organizations have policies that prevent the use of USB drives, but how do we ensure that all desktops and servers comply with this policy? Nessus offers an .audit file that scans the devices to verify that the system has indeed locked the USB drives.
- Scanning for administrator access. Nessus offers various plugins to identify administrator privileges. Some of the important ones are:
password
  - Users in the "domain administrator" and local administrator groups. This enables you to find the users who are part of these important administrator groups.
For more information, visit the Nessus plugin page.
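
As an added example for the installed software discovery item above (not code from this post or from Tenable), the script below builds a per-host inventory from an exported `.nessus` v2 report and flags software that is not on an approved list. The plugin id `00000`, the host names and the `plugin_output` line format are constructed placeholders; substitute the id and format of the enumeration plugin you actually run.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample in the .nessus v2 layout. Plugin id "00000", the host
# names and the plugin_output line format are placeholders, not real values.
SAMPLE_NESSUS = """<NessusClientData_v2><Report name="constructed">
<ReportHost name="ws-014"><ReportItem port="445" pluginID="00000">
<plugin_output>
The following software is installed on the remote host :

  Mozilla Firefox  [version 3.6.13]
  uTorrent  [version 2.2]
  7-Zip  [version 9.20]
</plugin_output></ReportItem></ReportHost>
<ReportHost name="srv-db02"><ReportItem port="445" pluginID="00000">
<plugin_output>
  Microsoft SQL Server 2008  [version 10.0.1600]
  7-Zip
</plugin_output></ReportItem></ReportHost>
</Report></NessusClientData_v2>"""

# Assumed entry shape: indented name, optional "[version x]" suffix.
ENTRY = re.compile(r"^ {2,}(?P<name>\S.*?)(?:\s+\[version (?P<ver>[^\]]+)\])?\s*$")

def inventory(nessus_xml, plugin_id):
    """Return {host: {software_name: version_or_None}} for one plugin."""
    result = {}
    for host in ET.fromstring(nessus_xml).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            if item.get("pluginID") != plugin_id:
                continue
            for line in (item.findtext("plugin_output") or "").splitlines():
                m = ENTRY.match(line)
                if m:
                    result.setdefault(host.get("name"), {})[m["name"]] = m["ver"]
    return result

def unauthorized(inv, approved):
    """Return {host: [names]} for software missing from the approved list."""
    allowed = {a.casefold() for a in approved}
    flagged = {}
    for host, software in inv.items():
        bad = sorted(n for n in software if n.casefold() not in allowed)
        if bad:
            flagged[host] = bad
    return flagged
```

Hosts that return no matching plugin result are absent from the inventory, so compare its keys against the scan target list before treating a host as clean.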
3 comments:
Never knew about the software inventory plugin, looks quite useful
Another extremely useful feature is the credentialized scan; it helps to bring out all the vulnerabilities in the systems
One of the exciting additions to this list is the ability to do a credential scan of the databases