



Introduction

Here at Astrix, we need to perform vulnerability assessments quite frequently, both on our own systems and on our clients’ systems as part of our Cyber Essentials Plus service and our cybersecurity assessment service.

To help with this, we use Tenable’s Nessus Professional which is marketed as the “#1 for vulnerability assessment” in accuracy, coverage, and adoption and, in our experience, this is true. However, it has a bit of a learning curve so we decided to ease this for others as best as we can by sharing the tips and tricks we’ve accumulated over the years.

Please note that some resolutions we’ve documented in the past but we weren’t able to recreate / test while writing this. If we do manage to confirm these then we’ll update this but, for now, these have been marked with an asterisk (*).