NFR v0.8.0: New scan command option - Plugin Publication Date

The latest release of NFR (nessus file reader) v0.8.0 now include a powerful new feature: vulnerabilities summary by Plugin Publication Date.

Thanks to these new feature, you can now generate summaries of plugins based on their publication date, allowing you to identify potential gaps in your vulnerability management strategy.

Why is it worth to check plugin publication date?

It allows you to quickly identify how many previously recognized vulnerabilities have not yet been remediated.

Some of the plugins are associated with CVE identifiers, in these cases the plugin publication date is usually close to the CVE publication date.

Example:
Plugin ID: 83344
Plugin name: Ubuntu 14.04 LTS : Libtasn1 vulnerability (USN-2604-1)
Plugin publication date: 5/12/2015
CVE: CVE-2015-3622
CVE publication date: 2015-05-12

Examples

nfr scan --plugin-publication-date bar year

nfr scan -plpd bar year -f "[?risk_factor != 'None']" file1 dir1 dir2
Example bar chart showing the number of plugins by publication year.

Example bar chart showing the number of plugins by publication year.

nfr scan --plugin-publication-date line year

nfr scan -plpd line year -f "[?risk_factor != 'None']" file1 dir1 dir2
Example line chart showing the number of plugins by publication year.

Example line chart showing the number of plugins by publication year.

See also

For detailed usage guides, check out nfr scan --plugin-publication-date section.

Hint

You can download the latest version of NFR (nessus file reader) from PyPI using pip. Read more on Upgrade page.