Nessus
Last updated
Last updated
© 2024 PlexTrac, Inc. All rights reserved.
PlexTrac supports importing files from Nessus in XML Export 2.0 or Nessus file formats. Nessus scans vulnerabilities on various assets, including servers, network devices, virtual machines, and endpoints. It identifies vulnerabilities and configuration issues that attackers could exploit and provides detailed reports on these findings.
Below are the field mappings from Nessus to PlexTrac, broken up by findings and assets.
Tables include the following columns:
Nessus Field: the field name in Nessus
Direction: displays the direction in the flow of data occurring for the integration
PlexTrac Field: the field name in PlexTrac
Notes: Additional information on the business rules
Below are the mappings of fields. If a field is not listed, PlexTrac does not currently import it.
| Nessus Field | Direction | PlexTrac Field |
|---|---|---|
Plugin Id Name | --> | Finding Title |
Plugin Id Description | --> | Finding Description |
CVSS2 | --> | CVSS Type |
CVSS2 Base Score | --> | CVSS Score |
CVSS2 | --> | CVSS Vector |
CVSS3 | --> | CVSS Type |
CVSS3 Base Score | --> | CVSS Score |
CVSS3 | --> | CVSS Vector |
Synopsis | --> | Custom Field "Synopsis" |
See Also | --> | Refrences |
Solution | --> | Recomendations |
Exploitable With | --> | Exploitable With |
Below are the mappings of fields and any notes to provide context. If a field is not listed, PlexTrac does not currently import it.
When importing a Nessus file for the second time, assets that were previously closed will remain closed, even if their associated findings are open. PlexTrac currently supports reopening findings upon re-import but does not support reopening assets.
| Nessus Field | Direction | PlexTrac Field | Notes |
|---|---|---|---|
Known IP or FQDN | --> | Asset Name | If a FQDN value exists in Nessus, this populates both the If there is no FQDN value, the IP address from Nessus populates the If FQDN and IP address values exist in Nessus, the FQDN value populates both the |
Plugin Output | --> | Asset Evidence | |
Known Ip Addresses | --> | Known IP Addresses | |
NetBIOS Name | --> | NetBIOS Name | |
Operating System | --> | Operating System | |
Host RDNS | --> | Host RDNS | |
Total CVEs | --> | Total CVEs | |
Host FQDN | --> | Host FQDN | |
MAC Address | --> | MAC Address | |
Ports | --> | Affected Ports | |
Service | --> | Affected Ports | |
Protocol | --> | Affected Ports |
