Affordable Access

Publisher Website

Compliance Monitoring with Nessus 3-Chapter 13

Elsevier Inc.
DOI: 10.1016/b978-1-59749-208-9.00013-7


Publisher Summary This chapter provides an understanding of the security standards and demonstrates how the Nessus 3 can be used to help monitor and ensure compliance within an organization. Nessus 3 is the latest version of the popular Nessus software to be released to the public. It is a complete rewrite of the original code and provides dramatic improvements in the areas of effectiveness, efficiency, and speed. Tenable Network Security has increased the value of the product by including a number of sample configuration files that are available to registered users of their Direct Feed or Security Center products. Nessus 3 can be used to check compliance against any known regulation or requirements. This includes FERPA, HIPAA, NIST, CIS, Sarbanes-Oxley, and NERC. The compliance checks used within Nessus are completely dependent on the statements placed in the audit file. Audit files are text based configuration files that tell Nessus 3 what to check for. Nessus 3 audits can be performed against the target host's configuration, or against content in the files on the host. Current audit file types include Unix, Windows, and WindowsFiles.

There are no comments yet on this publication. Be the first to share your thoughts.