Seminar – Auditing with PowerShell®: Nessus®

Nessus® is a popular vulnerability scanning tool used by organizations to identify, assess, and manage software vulnerabilities.  Reports generated by Nessus provide a wealth of information to auditors and security professionals about system vulnerabilities.  In addition to webpage style reports, Nessus results can also be exported into an XML file (.nessus) that contain the full details of a scan, including results, scan profiles and plugins selected, and other scan configurations.  Viewing these .nessus files, especially if there are multiple files, can be challenging.  However, PowerShell®, with its built-in capabilities for parsing XML files, is an excellent tool for extracting information from one or many files.  Anyone who uses information in Nessus files will find PowerShell to be a critical tool in working with Nessus.  

This one-day hands-on virtual class will provide students with the PowerShell commands and approach to import, identify scan and scan results information, and export this information into a workpaper-friendly CSV file.  Auditors and security professionals who need to work with Nessus data offline, or import into other tools, will benefit from attending this course.

This course builds on the concepts presented in the Seminar – Introduction to Auditing with PowerShell®.

Registration closes on February 29, 2024 @ 5pm.

Register Today!

 

Agenda

Morning Topics

• Overview of Nessus and PowerShell
• Navigating Nessus XML Files (including hands-on practice)
• Working with Nessus Scan Policy Details section of Nessus files (including hands-on practice)
• Working with Nessus Scan Results Details section of Nessus files (including hands-on practice)

Afternoon Topics

• Walkthrough of PowerShell script for working with Nessus files
• Practice executing PowerShell script
• Troubleshooting Tips
• Practice Exercises

 

Materials Provided During the Seminar

Each student attending the seminar will be provided:

• Presentation materials, which include detailed examples
• Practice Nessus files
• PowerShell script for working with Nessus Files
• Answers to Practice Exercises
• Link to the seminar recording, good for 30 days after the seminar

 

Instructor

 

Virtual Meeting Information

• This event will be presented through Zoom.  The instructor will send an email with the zoom link prior to the event.
• Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
• Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.
• The ISACA Greater Washington, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.

 

Event Questions and Policies

Registration Questions

If you have any registration questions about this event, please contact the chapter using the Registration Contact Form.

If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.

 

Cancellation and Refund Policy

Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.

If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.

 

Complaint Policy

The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.

 

CPE Information

Earn up to 7 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org

 

CPE Distribution and Evaluation Survey

CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.

 

Learning Objective

After completing this course, students will be able to:

• Read and navigate Nessus XML files
• Import data from Nessus files into PowerShell
• Analyze and export Nessus data to CSV files 

 

CPE-Related Details

• Prerequisites: Students should be familiar with using PowerShell and working with Nessus.
• Advance Preparation: The instructor will provide materials during the Zoom. Students can follow along with the instructor in executing PowerShell commands during the course.
• Program Knowledge Level: Intermediate
• Delivery Method:  Group Internet Based
• Field of Study:  Information Technology – Technical