Plugins
As information about new vulnerabilities are discovered and released into the general public domain, Tenable's research staff designs programs to enable Nessus and NeWT to detect the presence of them. These programs are named 'plugins' and are written in the Nessus Attack Scripting Language (NASL). The plugins contain vulnerability information, a generic set of remediation actions and the algorithm to test for the presence of the security issue. In some cases, one plugin may depend upon another. Typically, Tenable Network Security produces plugins for vulnerabilities within 24 hours of its public release.
Direct, Registered and GPL Feeds
Three feeds are available - Direct, Registered and GPL.
A 'Direct Feed' is commercially available which entitles subscribers to the latest vulnerability checks. Customers who purchase a Lightning Console or NeWT Pro scanner receive access to this feed with their annual product maintenance.
A 'Registered Feed' is available for free to the general public, but new plugins are added seven days after they are added to the 'Direct Feed'. To obtain access to the 'Registered Feed', users are required to enter contact information for tracking and also agree to Tenable's license agreement for the plugins.
The 'GPL Feed' does not require registration, and includes plugins written by the user community. As manager of the Nessus project, Tenable continues to accept plugins written from the Nessus and NeWT user communities. Plugins accepted with a copyright under the GNU Public License will be distributed to the Direct, Registered and Public feeds at the same time.
Pricing
The access to the GPL feed and to the Registered Feed is free.
Pricing for the 'Direct Feed' is based upon the number of Nessus or complimentary copies of NeWT in use within your organization, consultancy or service. The cost is $1200 per scanner per year. For more information, please contact Tenable's sales staff.
Paying for the NESSUS Plugin Feed?
Reply With Quote