When it comes to vulnerability scanning and analysis, IT security and compliance requirements for critical infrastructure facilities (CRITIS) have been aligned for some time. Technical systems ensure the regular review of IT security not only through external audits every few years, but as a continuous process of internal auditing.
Vulnerability scanners are an important technical building block: they are used on a case-by-case basis for security auditing or listen for systems on the network on a daily basis,
- that have been newly added or have unintentionally disappeared,
- that are not (yet) configured correctly or are misconfigured,
- that do not have the required software version for the operating system or applications,
- that have been put into operation without permission or
- that could pose a threat to the network.
The scanners are also suitable for detecting weaknesses in the administration of hardware, software and applications, which may also have organizational or personnel-related causes.
Nessus is a network and vulnerability scanner from the vendor Tenable for scanning networks, including their operating systems and running services. Tenable One is a fully integrated, cloud-based platform that takes an analytical approach to threat management. It offers the diversity of Tenable's product portfolio - from vulnerability management and cloud security to identity security and external attack surface management. All insights are embedded in context to help users make better decisions based on cyber risk.
After Tenable placed the originally free program Nessus under a proprietary license in 2005, the BSI funded its further development as an independent and still free version under the name OpenVAS. Greenbone Networks GmbH, based in Osnabrück, enriches this open source software with further features and services. SerNet regularly uses this commercial product in customer projects.