PCI Agent Scan Template now available!
As a result of the PCI DSS 4.x specification release, credentialed scanning is now a requirement for the PCI internal scanning. In response, Tenable has created the Tenable PCI Agent scan template, which can be used to scan your network via the PCI Internal Nessus Agent scan template in Tenable Vulnerability Management. For systems where agents cannot be installed, the defined approach in PCI DSS 11.3.1.2 (by way of the Internal PCI Network Scan scan template) is still applicable. The internal PCI network scan (uncredentialed network scan) is still required to cover vulnerabilities related to network services by port scans. Please visit LINK for details on scan configuration and also LINK for configuration of the PCI Agent.
Azure Cloud Infrastructure Scanning for Government
Summary As CISA BOD 25-01: Implementing Secure Practices for Cloud Services is being implemented, Tenable customers need a method to scan their cloud configuration for compliance. Tenable has enabled the ability to authenticate against the US Government national cloud in Microsoft Azure. Authentication Environment To accomplish the scanning of national clouds in Microsoft Azure, the Microsoft Azure credential has been enhanced to include the Authentication Environment preference. This preference has the default value of "Global", with an added value of "US-Gov". To use the credential in the US Government national cloud, Tenable customers will need access to the cloud being specified and have setup application access to the instance by following the procedures in Configure Azure for a Compliance Scan. Tenable Plugins 79357 - Microsoft Azure Compliance Checks Target Release Date Immediate
