False Positives in Nessus scans

It is a frequent occurrence for a vulnerability to be identified based on the version string of a product or component alone. These kinds of alerts often do not disappear after remediation, for example when a vendor backports the fix without changing the reported version. Instead, a mitigation log has to be established in order to manually track compliance.

Version-only vulnerability plugins are mostly useful for deep scans. They are less appropriate for frequent scans, because once the mitigation is deployed and a manual compliance process is established, they only generate 'noise' consisting of false positives.
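One way to keep that noise out of a recurring scan report is to cross-reference each finding against the mitigation log automatically, and to let a log entry suppress a finding only when the plugin detected it by version string alone and the entry has not passed its review date. The script below is an added example, not code from the original post or from Tenable; the abbreviated `.nessus` report, the plugin IDs and the mitigation log entries are constructed, and the "Installed version / Fixed version" heuristic for recognising a version-only check is an assumption about plugin output, not a documented Nessus field.

```python
"""Triage Nessus findings against a mitigation log (added example).

Assumes the .nessus v2 layout: ReportHost elements containing ReportItem
elements with a plugin_output child. All sample data below is constructed.
"""
import xml.etree.ElementTree as ET
from datetime import date

# Constructed, abbreviated report in the shape of a .nessus v2 file.
# Plugin IDs 100001/100002 are placeholders, not real Nessus plugins.
SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="weekly">
    <ReportHost name="10.0.0.5">
      <ReportItem port="443" svc_name="www" protocol="tcp" severity="3"
                  pluginID="100001" pluginName="Example Web Server &lt; 2.4.50 Multiple Vulnerabilities">
        <plugin_output>
Installed version : 2.4.41
Fixed version     : 2.4.50
        </plugin_output>
      </ReportItem>
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2"
                  pluginID="100002" pluginName="Example SSH Weak Algorithms Supported">
        <plugin_output>
The following weak key exchange algorithms are enabled: diffie-hellman-group1-sha1
        </plugin_output>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""

# Constructed mitigation log. Each entry records why the finding is accepted
# and a review_by date so that a suppression cannot silently go stale.
MITIGATION_LOG = [
    {"host": "10.0.0.5", "plugin_id": "100001",
     "reason": "vendor backport of the 2.4.50 fix applied (constructed entry)",
     "review_by": date(2024, 6, 30)},
]


def is_version_only(plugin_output):
    """Heuristic (assumption): a banner/version check reports the installed
    and fixed versions and nothing the scanner actually exercised."""
    text = plugin_output or ""
    return "Installed version" in text and "Fixed version" in text


def parse_findings(nessus_xml):
    """Flatten ReportHost/ReportItem pairs into plain dicts."""
    root = ET.fromstring(nessus_xml)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            output = item.findtext("plugin_output", default="")
            findings.append({
                "host": host.get("name"),
                "plugin_id": item.get("pluginID"),
                "plugin_name": item.get("pluginName"),
                "port": item.get("port"),
                "severity": int(item.get("severity", "0")),
                "version_only": is_version_only(output),
            })
    return findings


def triage(nessus_xml, mitigation_log, today):
    """Split findings into actionable / suppressed / expired.

    A log entry suppresses a finding only if (a) the plugin is version-only,
    so the mitigation could not have changed what the scanner sees, and
    (b) the entry's review_by date has not passed. A finding the scanner
    verified directly stays actionable even if it is in the log, because
    the mitigation evidently did not take effect.
    """
    index = {(m["host"], m["plugin_id"]): m for m in mitigation_log}
    result = {"actionable": [], "suppressed": [], "expired": []}
    for finding in parse_findings(nessus_xml):
        entry = index.get((finding["host"], finding["plugin_id"]))
        if entry is None or not finding["version_only"]:
            result["actionable"].append(finding)
        elif today > entry["review_by"]:
            finding["reason"] = entry["reason"]
            result["expired"].append(finding)
        else:
            finding["reason"] = entry["reason"]
            result["suppressed"].append(finding)
    return result


if __name__ == "__main__":
    outcome = triage(SAMPLE_NESSUS, MITIGATION_LOG, date.today())
    for bucket, items in outcome.items():
        for f in items:
            print(f"{bucket:10} {f['host']}:{f['port']} {f['plugin_id']} {f['plugin_name']}")
```

Expired entries are reported separately rather than dropped, so the weekly report keeps reminding the owner that the accepted risk needs re-confirmation, which is the manual compliance step the post describes.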
