Nessus® is a popular vulnerability scanning tool used by organizations to identify, assess, and manage software vulnerabilities. Reports generated by Nessus provide a wealth of information to auditors and security professionals about system vulnerabilities. In addition to webpage style reports, Nessus results can also be exported into an XML file (.nessus) that contain the full details of a scan, including results, scan profiles and plugins selected, and other scan configurations. Viewing these .nessus files, especially if there are multiple files, can be challenging. However, PowerShell®, with its built-in capabilities for parsing XML files, is an excellent tool for extracting information from one or many files. Anyone who uses information in Nessus files will find PowerShell to be a critical tool in working with Nessus.
This one-day hands-on virtual class will provide students with the PowerShell commands and approach to import, identify scan and scan results information, and export this information into a workpaper-friendly CSV file. Auditors and security professionals who need to work with Nessus data offline, or import into other tools, will benefit from attending this course.
This course builds on the concepts presented in the Seminar – Introduction to Auditing with PowerShell®.