Today, Tenable released two new plugins for Nessus 3 that can audit the configuration of a remote UNIX or Windows system and report compliant or not compliant with a set of user-defined security policy configuration settings.
We´ve also written policies based off of the publicly available hardening and best practice guides from the NSA, NIST, CERT and the Center for Internet Security. These plugins are available to any Nessus Direct Feed customer or Security Center user.
Along with the new plugins and audit policies, we also have released two tools that allow users to quickly build their own polices for scanning Windows hosts. The i2a.exe (in2 to audit) Windows executable allows users to convert existing Windows policy files to a direct Nessus 3 audit file. Similarly, the Windows Nessus Policy Creator allows users to create audit policies based on the exiting configuration of their servers.Read Full Story