Nessus is a scanner that primarily assesses the vulnerability of a network. In addition to checking for vulnerabilities, Nessus can be expanded via plugins, templates, and policies to provide additional assessment capabilities. Overall, Nessus is capable of performing over 150,000 different checks.
The scope of the Nessus integration is currently limited to integrating compliance checks, specifically the CIS AWS Benchmarks Compliance checks into SDE. A compliance check is a type of audit on a given system that checks to see whether that system is following security policies that are applied to it. SD Elements leverages the results from the Nessus AWS compliance checks to automatically mark the verification status of its security requirements. This tool integration can also support the enablement of our new Process Task Automation (PTA) feature. This is a new event-action framework that supports automatically transitioning SD Elements process tasks to ‘Complete’ based on the occurrence of triggering events within SD Elements, given certain predefined criteria.