Vulnerability scanners are automated tools that allow organizations to check if their networks, systems and applications have security weaknesses that could expose them to attacks.

Nessus is one of the best and comes in both free and paid versions. Nessus has a feature whereby it updates its plugins automatically every day.

However, it is still possible to do a manual update or automate this process via cron. Doing a manual update also allows us to update the Nessus application and it’s license. This is especially useful when the Nessus installation is on a laptop or virtual machine which is not connected to the internet at the time of the automatic updates.

Manual updates can be done in three different ways.

To just update the plugins, run the following command:

sudo /opt/nessus/sbin/nessuscli update --plugins-only

To update the Nessus application, plugins and license, run the command:

sudo /opt/nessus/sbin/nessuscli update --all

Note that you will have to STOP the Nessus Daemon to update the application itself.

To do a standard update, run the command:

sudo /opt/nessus/sbin/nessuscli update