News
Tenable Unveils Comprehensive Web Application and API Scanning Capabilities for Nessus Expert
August 2023 by Marc Jacob
Tenable® announced web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs.
Web application and API scanning in Nessus Expert are dynamic application security testing (DAST) features that enable security practitioners to proactively identify and assess web applications and APIs for known vulnerabilities. This includes OWASP Top 10 vulnerabilities in custom application code and known vulnerabilities found in third-party components.
Backed by Tenable Research, Nessus provides broad and accurate vulnerability coverage for web applications and APIs – spanning web application servers, content management systems, web frameworks, programming languages and JavaScript libraries. The result is fewer false positives and negatives, ensuring security practitioners know the true risks in their applications.
Nessus Expert is the industry’s first vulnerability assessment solution that spans traditional IT assets and the dynamic modern attack surface, including the external attack surface, cloud infrastructure and now, web applications and APIs. This new feature and functionality enables security practitioners to:
● Set-up new web app and API scans and easily generate comprehensive results
● Rapidly discover known vulnerabilities and cyber hygiene issues using predefined scan templates for SSL/TLS certificates and HTTP header misconfigurations
● Identify all web applications, APIs and underlying components owned by a given organization
● Confidently and safely scan environments without disruptions or delays
