"Nessus Network Auditing," by Renaud Deraison et al. (Syngress Publishing), is dedicated to explaining the inner workings of the Nessus open-source vulnerability scanning tool.
This $49.95 paperback is my new bible for running one of the most useful security testing tools available. The book takes an enterprise view in explaining everything from how to install Nessus to the best way to maintain the plug-in modules that are the backbone of the product.
Renaud Deraison, founder of the Nessus Project and a frequent online authoritative source of advice about Nessus, is one of the most significant contributors in this collaborative effort. The book is artfully edited, and each section reads as if written by the same author, with consistently useful tips and tricks.
After reading "Nessus Network Auditing," even senior IT managers with limited hands-on network security assessment will get fresh insight into how one of the most common scanning tools works.
One area that Ive always had questions about is how best to interpret Nessus reports. There is a chapter on this topic, and it was immediately useful to me in scanning the eWEEK Labs test network for weaknesses.
Youll be repaid many times over for investing in a copy of "Nessus Network Auditing."
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.