Vulnerability Scanning

45

Figure 4-11: The main Nessus window

On login, you will see the Reports section, where any prior vulnerability 

scans should be listed. Along the top of the interface, you should see the Scans 
tab, where you can create and view scanning tasks; the Policies tab, where you 
configure Nessus to include various plug-ins you want to use in your scans; 
and the Users tab, where you can add user accounts to the Nessus server.

Creating a Nessus Scan Policy

Before beginning a scan, you first need to create a Nessus scan policy. On the 
Policies tab, click the green 

Add

 button to open the policy configuration win-

dow shown in Figure 4-12.

Figure 4-12: The Nessus Policies configuration window