Nessus® is a popular vulnerability scanning tool used by organizations to identify, assess, and manage software vulnerabilities. Reports generated by Nessus provide a wealth of information to auditors and security professionals about system vulnerabilities. In addition to webpage style reports, Nessus results can also be exported into an XML file (.nessus) that contain the full details of a scan, including results, scan profiles and plugins selected, and other scan configurations. Viewing these .nessus files, especially if there are multiple files, can be challenging. However, PowerShell®, with its built-in capabilities for parsing XML files, is an excellent tool for extracting information from one or many files. Anyone who uses information in Nessus files will find PowerShell to be a critical tool in working with Nessus.
This one-day hands-on virtual class will provide students with the PowerShell commands and approach to import, identify scan and scan results information, and export this information into a workpaper-friendly CSV file. Auditors and security professionals who need to work with Nessus data offline, or import into other tools, will benefit from attending this course.
Writing a PowerShell script to identify scan profile and results information and export to a CSV file
Trouble shooting tips
Mike Howard is an experienced IT auditor with over 29 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies, including mainframes, Unix environments, Active Directory, databases, Cisco devices, and Windows computers. Mike embraces innovative technologies to accomplish his audits, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell, he’s written over 300 PowerShell scripts.
Mike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties, including creating web pages, calculating CPE credits, and updating membership rosters.
Mike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University.
Virtual Meeting Information
This event will be presented through Zoom. The instructor will send an email with the zoom link prior to the event.
Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.
The ISACA Greater Washington, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
Earn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
After completing this course, students will have basic skills to use PowerShell to import, view, and export data from Nessus XML files.
Prerequisites: Students should be familiar with using PowerShell and working with Nessus.
Advance Preparation: The instructor will provide materials during the Zoom. Students can follow along with the instructor in executing PowerShell commands during the course.
Program Knowledge Level: Intermediate
Delivery Method: Group Internet Based
Field of Study: Information Technology – Technical