Nessus by Tenable is one of the most widely used vulnerability assessment tools with over 2 million downloads to date. Organizations like NASA, IMF, and eBay rely on Nessus for in-depth cybersecurity audits.

According to Statista, the global vulnerability scanner market will reach $1.4 billion by 2026. Nessus is a clear leader in this rapidly growing industry, with over 15% market share.

Why Choose Nessus?

Before we jump into the installation guide, let me highlight some key reasons why Nessus is a great fit for modern DevOps programs:

  • Reliability – Time-tested codebase with constant security updates since 1998
  • Feature-rich – Static scanning, dynamic scanning, mobile app scanning, compliance audits – Nessus can do it all
  • Customizable – Supports Python, JSON, XML and other APIs for integration
  • Scalable Scanning – Distribute scan load efficiently across multiple scanners

Developers trust Nessus not just for its scanning capabilities, but also for the flexible deployment options. You can:

  • Install on laptops, VMs, Docker containers, and cloud servers
  • Automate report generation using Continuous Integration tools
  • Custom build from source code for specific architectures

Next, let's get Nessus running on Ubuntu.

Installing Nessus on Ubuntu

First, register on the Tenable website to get your home feed license key for free vulnerability scans.

For increased control and customization, I recommend compiling Nessus from the source code:

git clone https://github.com/tenable/nessus
cd nessus
./configure
make install

This lets you tweak the compilation parameters for your systems.

Alternatively, you can download the pre-built Debian package for Ubuntu:

wget https://www.tenable.com/downloads/api/v1/public/pages/nessus-agents/downloads/12624/download -O nessus.deb

Install the dependencies first on Ubuntu:

sudo apt update
sudo apt install libnessus-dev libopenvas-dev openvas-sqlite3-dev

Then install the Nessus package:

sudo dpkg -i nessus.deb

After installation, start the Nessus service:

sudo systemctl enable nessusd
sudo systemctl start nessusd

Verify that Nessus is running using:

sudo systemctl status nessusd

By default Nessus listens on port 8834. You can reach the web interface at:

https://localhost:8834

Default credentials are admin/admin.

Configuring Scans

Let's set up a sample scan policy to assess our systems:

[Screenshot: nessus-new-scan.png]

First, create a new scan template:

Name – My App Servers Scan
Policy – Internal PCI Network Scan
Targets – 192.168.5.x (prod servers subnet)

Ensure Enable Credentials is checked. Configure SMB, SSH and Windows credentials so Nessus can scan your systems in depth without triggering account lockouts.

Under Plugins, select:

  • 100034 – Detect SSL issues
  • 50807 – Check for XSS vulnerabilities
  • 65211 – Audit Docker containers

Add further plugins for mobile apps, SCADA systems and so on, as your environment requires.

Finally, schedule weekly scans for routine audits.

You can also create customized templates for different teams, environments and use cases using the same methodology.

Automated Scan Management

For teams with 50 or more scans, it becomes tedious to manage everything via the GUI.

Nessus makes automation easy using REST API and CLI:

# Log in to get a session token; the response is {"token": "..."}.
# -k skips certificate verification for the default self-signed cert; use a trusted cert in production.
curl -k -X POST https://localhost:8834/session \
  --header "Content-Type: application/json" \
  -d '{"username": "admin", "password": "secret123"}'

# Get all scans, authenticating with the session token returned above
curl -k -H "X-Cookie: token=123abc" https://localhost:8834/scans

# Or authenticate with API keys (generated under My Account > API Keys; placeholder values shown)
curl -k -H "X-ApiKeys: accessKey=abc123; secretKey=xyz789" https://localhost:8834/scans

# Launch scan 1
curl -k -X POST -H "X-Cookie: token=123abc" https://localhost:8834/scans/1/launch

# Request an export of scan 1; the response carries a file id, e.g. {"file": 7}
curl -k -X POST -H "X-Cookie: token=123abc" --header "Content-Type: application/json" \
  -d '{"format": "nessus"}' https://localhost:8834/scans/1/export

# Download the export once its status is "ready" (7 is the file id from the previous step)
curl -k -H "X-Cookie: token=123abc" \
  https://localhost:8834/scans/1/export/7/download -o /tmp/myscan.nessus

You can embed the API calls within your CI/CD pipelines for automated testing every time new code is deployed.
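To show the whole API sequence a pipeline job runs (log in, launch, poll until finished, request an export, download it), here is an added example written for this post, not code from Tenable or from the original article. The endpoint paths and the X-Cookie header are those of the Nessus REST API (the scanner documents them itself at https://localhost:8834/api#); the FakeNessus class, its "fake-token", scan id 1, file id 7 and the admin/secret123 credentials are constructed placeholders so the flow runs offline, and urllib_transport is the transport you would swap in against a real scanner.

```python
import json
import ssl
import time
import urllib.parse
import urllib.request

# transport(method, url, headers, body) -> (http_status, response_bytes)

def urllib_transport(verify_tls=True):
    """HTTPS transport; verify_tls=False equals curl -k and belongs only in a lab."""
    ctx = ssl.create_default_context()
    if not verify_tls:
        ctx.check_hostname, ctx.verify_mode = False, ssl.CERT_NONE

    def send(method, url, headers, body):
        req = urllib.request.Request(url, data=body, headers=headers, method=method)
        with urllib.request.urlopen(req, context=ctx) as resp:  # raises HTTPError on 4xx/5xx
            return resp.status, resp.read()
    return send

class NessusClient:
    """Session-token client for the Nessus endpoints used in the curl walkthrough."""

    def __init__(self, base_url, transport):
        self.base_url, self.transport, self.token = base_url.rstrip("/"), transport, None

    def _call(self, method, path, payload=None, raw=False):
        headers = {"Content-Type": "application/json"}
        if self.token:
            headers["X-Cookie"] = f"token={self.token}"  # same header as the curl example
        body = json.dumps(payload).encode() if payload is not None else None
        status, data = self.transport(method, self.base_url + path, headers, body)
        if status != 200:
            raise RuntimeError(f"{method} {path} returned HTTP {status}")
        return data if raw else json.loads(data)

    def login(self, username, password):
        self.token = self._call("POST", "/session", {"username": username, "password": password})["token"]

    def launch(self, scan_id):
        return self._call("POST", f"/scans/{scan_id}/launch")["scan_uuid"]

    def wait_until_finished(self, scan_id, poll_seconds=0, max_polls=100):
        for _ in range(max_polls):
            status = self._call("GET", f"/scans/{scan_id}")["info"]["status"]
            if status in ("completed", "canceled", "aborted"):
                return status
            time.sleep(poll_seconds)
        raise TimeoutError(f"scan {scan_id} still running after {max_polls} polls")

    def export_nessus(self, scan_id, max_polls=100):
        # Export is two steps: request a file id, then download once its status is "ready".
        file_id = self._call("POST", f"/scans/{scan_id}/export", {"format": "nessus"})["file"]
        for _ in range(max_polls):
            if self._call("GET", f"/scans/{scan_id}/export/{file_id}/status")["status"] == "ready":
                return self._call("GET", f"/scans/{scan_id}/export/{file_id}/download", raw=True)
        raise TimeoutError(f"export {file_id} never became ready")

def run_scan_and_fetch(client, username, password, scan_id):
    client.login(username, password)
    client.launch(scan_id)
    final = client.wait_until_finished(scan_id)
    if final != "completed":
        raise RuntimeError(f"scan {scan_id} ended in state {final}")
    return client.export_nessus(scan_id)

class FakeNessus:
    """Constructed in-memory stand-in for a scanner so the flow runs offline (not Tenable code)."""

    def __init__(self):
        self.launched, self.status_polls = [], 0

    def transport(self, method, url, headers, body):
        route = (method, urllib.parse.urlparse(url).path)
        if route == ("POST", "/session"):  # placeholder credentials, as in the curl example
            if json.loads(body) == {"username": "admin", "password": "secret123"}:
                return 200, b'{"token": "fake-token"}'
            return 401, b'{"error": "Invalid Credentials"}'
        if headers.get("X-Cookie") != "token=fake-token":
            return 401, b'{"error": "Invalid Credentials"}'
        if route == ("POST", "/scans/1/launch"):
            self.launched.append(1)
            return 200, b'{"scan_uuid": "constructed-uuid"}'
        if route == ("GET", "/scans/1"):  # reports "running" twice, then "completed"
            self.status_polls += 1
            state = "running" if self.status_polls < 3 else "completed"
            return 200, json.dumps({"info": {"status": state}}).encode()
        if route == ("POST", "/scans/1/export"):
            return 200, b'{"file": 7}'
        if route == ("GET", "/scans/1/export/7/status"):
            return 200, b'{"status": "ready"}'
        if route == ("GET", "/scans/1/export/7/download"):
            return 200, b"<NessusClientData_v2></NessusClientData_v2>"
        return 404, b'{"error": "not found"}'

if __name__ == "__main__":
    client = NessusClient("https://localhost:8834", FakeNessus().transport)
    print(len(run_scan_and_fetch(client, "admin", "secret123", 1)), "bytes exported")
```

Against a real scanner, build the client with `urllib_transport()` and read the credentials from the CI system's secret store rather than from the script; `verify_tls=False` reproduces `curl -k` and should be replaced by a certificate the scanner host actually trusts.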

This script shows how to analyze the results after a scan:

import pynessus

# Parse the exported .nessus file into a report object
report = pynessus.process_nessus_report("/tmp/myscan.nessus")

vuln_count = len(report.findings)
print(f"Total findings: {vuln_count}")

# Print every finding grouped by host
for host in report.hosts:
    print(f"Vulnerabilities on {host.hostname}:")
    for vuln in host.vulnerabilities:
        print(f"  {vuln.plugin_name} ==> {vuln.synopsis}")

Processing Nessus output for aggregation, metrics dashboards and notifications becomes straightforward with Python.
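For readers who would rather not depend on a third-party package, here is an added example (not from the article and not pynessus code) that parses the .nessus export format directly with the standard library. A .nessus file is NessusClientData_v2 XML: one ReportHost per target, one ReportItem per finding, with the plugin id, name and a 0 (Info) to 4 (Critical) severity as attributes. The code tallies findings per host and severity for a dashboard, and returns the findings above a chosen severity so a pipeline stage can fail on them. The SAMPLE_REPORT, its hosts and its 999xxx plugin ids are constructed for this example.

```python
import sys
import xml.etree.ElementTree as ET
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}


@dataclass
class Finding:
    host: str
    port: int
    protocol: str
    plugin_id: int
    plugin_name: str
    severity: int  # Nessus severity band: 0 Info .. 4 Critical
    synopsis: str


def parse_nessus(xml_text: str) -> List[Finding]:
    """Flatten a NessusClientData_v2 export into one Finding per ReportItem."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        name = host.get("name", "")
        for item in host.iter("ReportItem"):
            findings.append(Finding(
                host=name,
                port=int(item.get("port", "0")),
                protocol=item.get("protocol", ""),
                plugin_id=int(item.get("pluginID", "0")),
                plugin_name=item.get("pluginName", ""),
                severity=int(item.get("severity", "0")),
                synopsis=(item.findtext("synopsis") or "").strip(),
            ))
    return findings


def severity_summary(findings: List[Finding]) -> Dict[str, Counter]:
    """Per-host tally of findings by severity name, for dashboards or notifications."""
    summary: Dict[str, Counter] = {}
    for f in findings:
        summary.setdefault(f.host, Counter())[SEVERITY_NAMES.get(f.severity, "Unknown")] += 1
    return summary


def gate(findings: List[Finding], max_allowed_severity: int = 2) -> List[Finding]:
    """Findings above the allowed band, worst first; an empty list means the build may proceed."""
    blocking = [f for f in findings if f.severity > max_allowed_severity]
    return sorted(blocking, key=lambda f: (-f.severity, f.host, f.plugin_id))


# Constructed sample export in the real .nessus layout; the hosts and 999xxx plugin ids are made up.
SAMPLE_REPORT = """<NessusClientData_v2>
<Report name="My App Servers Scan">
<ReportHost name="192.168.5.10">
<HostProperties><tag name="host-ip">192.168.5.10</tag></HostProperties>
<ReportItem port="443" svc_name="www" protocol="tcp" severity="2" pluginID="999001" pluginName="Constructed TLS finding">
<synopsis>The remote service accepts a weak TLS configuration.</synopsis>
</ReportItem>
<ReportItem port="22" svc_name="ssh" protocol="tcp" severity="3" pluginID="999002" pluginName="Constructed outdated service finding">
<synopsis>An outdated service version was detected.</synopsis>
</ReportItem>
<ReportItem port="0" svc_name="general" protocol="tcp" severity="0" pluginID="999003" pluginName="Constructed info finding">
<synopsis>Host information was gathered.</synopsis>
</ReportItem>
</ReportHost>
<ReportHost name="192.168.5.11">
<ReportItem port="80" svc_name="www" protocol="tcp" severity="1" pluginID="999004" pluginName="Constructed banner finding">
<synopsis>The server banner discloses the software version.</synopsis>
</ReportItem>
</ReportHost>
</Report>
</NessusClientData_v2>
"""


if __name__ == "__main__":
    # Usage: python nessus_gate.py [/tmp/myscan.nessus]; without an argument the constructed sample is used
    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path, encoding="utf-8").read() if path else SAMPLE_REPORT
    findings = parse_nessus(text)
    for host, counts in severity_summary(findings).items():
        print(f"{host}: " + ", ".join(f"{k}={v}" for k, v in sorted(counts.items())))
    blocking = gate(findings)
    for f in blocking:
        print(f"BLOCKING [{SEVERITY_NAMES[f.severity]}] {f.host}:{f.port}/{f.protocol} {f.plugin_name} ==> {f.synopsis}")
    sys.exit(1 if blocking else 0)  # a non-zero exit fails the pipeline stage
```

The threshold is deliberately a parameter: a build gate that fails on Medium and above is common for production subnets, while development environments usually start at High so the pipeline is not blocked by informational noise.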

Enhanced Capabilities at Scale

The open source Nessus HomeFeed allows basic network and web app vulnerability checks.

For comprehensive security assessments, the Nessus Professional feed includes 50,000+ vulnerability checks covering:

  • Cloud infrastructure – AWS, Azure and GCP
  • Containers – Docker, Kubernetes
  • SCADA systems – ICS, PLCs
  • Web frameworks – Node.js, Django, React
  • Compliance – HIPAA, PCI, NERC
  • Mobile – iOS, Android apps

Commercial users such as Fortune 500 organizations and penetration testing firms require the Nessus Pro feed.

[Image: nessus-pro-vs-essential.png]

What's more, scan results from multiple Nessus scanners can be consolidated for a single-pane-of-glass view into your organization's security posture.

This scale lets administrators run 2000+ assessments daily across development, QA, staging and production environments.

According to a 2022 MITRE DevSecOps study, top performers automated security scaffolding and testing tools for CI/CD. Nessus perfectly complements this approach with on-demand vulnerability analysis.

Conclusion

I hope you found this Nessus setup guide useful for your environment. Here are some key takeaways:

  • Install and configure Nessus scanners on Ubuntu with provided steps
  • Create customized scan templates tailored to your infrastructure
  • Schedule periodic assessments to proactively find security flaws
  • Automate API-based scanning for CI/CD integration
  • Manage hundreds of distributed vulnerability scans from a central interface

Please leave any questions as comments and I'll be glad to address them.
