Assignment:
Activity 1 (500 words)
Qualys provides a cloud-based security and compliance solution. The Qualys Cloud Platform and its integrated apps help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance, and protection for IT systems and web applications.
Nessus Agents are lightweight, low-footprint programs that you install locally on hosts to supplement traditional network-based scanning or to provide visibility into gaps that are missed by traditional scanning. Nessus Agents collect vulnerability, compliance, and system data, and report that information back to a manager for analysis. With Nessus Agents, you extend scan flexibility and coverage. You can scan hosts without using credentials, as well as offline assets and endpoints that intermittently connect to the internet. You can also run large-scale concurrent agent scans with little network impact.
Task 1.1
· Please download the QUALYS and NESSUS trial versions and install both the tools on your system (PC/Laptop). You can get online guides video tutorials and instructions on how to use these tools and to familiarize yourself with the menus.
Tasks 1.2:
· Scan any two devices such as servers, workstations, or any other network devices
· Scan any two web websites or portals
Task 1.3:
· Discuss how both reports are similar and different, which one is a better tool? Please take screenshots of scanners and submit your report on Moodle.
QUALYS:
· https://www.qualys.com/docs/qualys-api-vmpc-user-guide.pdf
· https://www.qualys.com/docs/qualys-community-edition-user-guide.pdf
NESSUS:
· https://docs.tenable.com/nessus/8_0/Content/Resources/PDF/Nessus_8_0.pdf
· https://docs.tenable.com/nessusagent/8_0/Content/PDF/Nessus_Agent_8_0_Guide.pdf