Nessus

Nessus by Tenable is one of the most widely deployed vulnerability scanners in the world, trusted by enterprise security teams, government agencies, and managed security service providers. Originally released as an open-source project in 1998 before Tenable commercialized it, Nessus has built a formidable plugin library spanning over 190,000 CVEs across network devices, operating systems, cloud workloads, and web applications.

The scanner operates on a client-server model where the Nessus daemon runs on a dedicated host and is managed through either a web interface or the Tenable.sc / Tenable.io management platforms for enterprise deployments. Its credentialed scanning capability — the ability to authenticate to target systems over SSH, WMI, or SNMP — allows it to enumerate installed software, patches, and configuration settings that are invisible to external port scans.

Nessus supports a comprehensive range of scan types including network vulnerability scans, web application tests, compliance audits, and malware detection. Its policy-based scanning engine allows teams to create reusable scan templates tailored to specific environments, regulatory requirements, or threat models. Integration with Tenable.io provides cloud-hosted scan management, while Tenable.sc offers on-premise orchestration for air-gapped or high-security environments.