News, news analysis, and commentary on the latest trends in cybersecurity technology.

Cloud, Remote Work Will Change How IT Uses Vulnerability Scanners

Tenable added Raspberry Pi support to Nessus v10.0 to help security professionals conduct audits and assessments remotely.

Dark Reading Staff, Dark Reading

November 2, 2021

3 Min Read
A big question mark on a screen.
Source: Skorzewiak from Adobe Stock

The shift to a more distributed work environment -- with some employees working remotely, others going into the office, and yet others switching back and forth -- has forced enterprise security teams to adjust to new working patterns. Even if they aren’t on-site, IT security teams are still responsible for identifying and addressing vulnerabilities that could potentially be exploited, as well as looking for and detecting attacks as soon as possible.

For security consultants who require physical access to conduct internal audits and vulnerability assessments in client environments, working remotely can be a challenge, says Tenable, which helps companies understand and reduce their cyber-risk. With that in mind, Tenable has added support for the Raspberry Pi in the new Nessus v10.0. Tenable’s Nessus Professional scans a company's entire infrastructure -- including operating systems, on-premises software, cloud services, and Internet of Things (IoT) devices -- for exploitable vulnerabilities like misconfigured software, outdated applications, weak passwords, and network flaws.

Having the ability to deploy the vulnerability scanning tool on easily accessible hardware gives security professionals greater flexibility. Enterprise defenders gain visibility and control over their environments as they can deploy Nessus on Raspberry Pi to remotely assess smaller offices and off-site networks, Tenable says. Consultants can ship disposable scanners to clients for remote-friendly assessments. Assessment results are collected in a centralized location for prioritization and response.

Growing Vulnerability Management Market
Demand for vulnerability management tools is high and expected to grow, especially considering the increasing number of vulnerabilities, the large monetary losses associated with breaches that was the result of an exploited vulnerability, new regulatory and compliance requirements, and the rapid adoption of the cloud and IoT, says Markets and Markets. The global security and vulnerability management market size is projected to grow from $13.8 billion in 2021 to $18.7 billion by 2026, the analyst firm estimates.

Organizations are adopting enterprise mobility, virtualization, and cloud storage to boost business productivity, aided by the fact that business data can be easily accessed on mobile devices from the cloud and virtual storage. However, these technologies also expand the organization's attack surface and increase risk in case of lost or stolen data. Vulnerability scanning platforms help detect misconfigurations, such as weak passwords, improperly open ports in the firewall, Web servers with weak protections, missing security tools, and incorrectly assigned administrative privileges. The pandemic has highlighted the risks, with criminals ramping up their attacks to target organizations that rushed through deployment and had inadequate security controls in place.

New Nessus Features
The Nessus v10.0 -- generally available for new and existing customers -- features a built-in packet capture feature to troubleshoot potential scanning issues and a dynamic plug-in feature that improves scan performance. A resource center with user-specific information that provides actionable tips based on the operations being performed also is available.

Nessus for Raspberry Pi also lowers the barrier to entry for students interested in developing, or improving, their vulnerability assessment skills, the company says. 

"We developed Nessus with one goal in mind: making vulnerability assessment simple, easy and intuitive for everyone," stated Renaud Deraison, Tenable's CTO and co-founder, in a release.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights