Nessus Scanner output import

[davidecasale]

Hi,
I find your project very interesting.. The web interface is very clearly and cleanly structured...
Is there already a way to import the output of a Nessus scanner to get data in the "vulnerabilities" section of your dashboard/web gui?
I've seen the Nessus "plugin," but I don't know if it's still being developed... even just manually ingesting the .nessus files (which are actually XML files) would be very helpful... (obviously related to the machines discovered with the current discovery process)..

only to know...
thank you very much,
best regards,
davide

[mizhm]

Hi, I find your project very interesting.. The web interface is very clearly and cleanly structured... Is there already a way to import the output of a Nessus scanner to get data in the "vulnerabilities" section of your dashboard/web gui? I've seen the Nessus "plugin," but I don't know if it's still being developed... even just manually ingesting the .nessus files (which are actually XML files) would be very helpful... (obviously related to the machines discovered with the current discovery process)..

only to know... thank you very much, best regards, davide

Hi Davide,

Thank you very much for your kind words and for taking the time to explore our project — we really appreciate your interest. We’re glad to hear that you find the web interface clear and well structured.

Regarding your question about Nessus integration: at the moment, the platform does not support importing .nessus files (XML) manually into the vulnerabilities section.

Instead, the current approach is to integrate directly with a Nessus instance. After a scan is completed on the Nessus side, the scan results are pushed back to the platform automatically and then correlated with the assets discovered through the existing discovery process. This allows vulnerability data to stay up to date without requiring manual file uploads.

You’re correct that there was a Nessus plugin previously; however, the active and supported path today is the direct instance integration rather than file-based ingestion.

That said, your suggestion about manually ingesting .nessus files is very valid and useful, and it’s something we may consider for future improvements.

Thank you again for your interest and for sharing your thoughts. Please feel free to reach out if you have any further questions or ideas.

Best regards,
mizhm

[davidecasale]

Hi, thank you for your email..

Instead, the current approach is to integrate directly with a Nessus instance. After a scan is completed on the >Nessus side, the scan results are pushed back to the platform automatically and then correlated with the assets >discovered through the existing discovery process. This allows vulnerability data to stay up to date without >requiring manual file uploads.

I assume the integration with Nessus is still being written... I'll gladly try it when it's ready ;-) The plugin will need three parameters to communicate with the Nessus scanner: ACCESS_KEY SECRET_KEY BASE_URL (example: https://github.com/h3st4k3r/nessus-tenable-api-scripts) best regards, davide

…

--

---------------------------------- DAVIDE CASALE Chief Technology Officer (CTO) e-mail: ***@***.*** SK IT Cyber Security https://www.sk-it.com ----------------------------------

________________________________ Da: Nguyen Tuan Minh ***@***.***> Inviato: Mercoledì, 4 Febbraio, 2026 15:22 A: oasm-platform/open-asm ***@***.***> Cc: Davide Casale ***@***.***>; Author ***@***.***> Oggetto: [EXT] Re: [oasm-platform/open-asm] Nessus Scanner output import (Discussion #266) Attenzione: Questo messaggio proviene da un mittente esterno. Non cliccare link o aprire allegati sospetti. Hi, I find your project very interesting.. The web interface is very clearly and cleanly structured... Is there already a way to import the output of a Nessus scanner to get data in the "vulnerabilities" section of your dashboard/web gui? I've seen the Nessus "plugin," but I don't know if it's still being developed... even just manually ingesting the .nessus files (which are actually XML files) would be very helpful... (obviously related to the machines discovered with the current discovery process).. only to know... thank you very much, best regards, davide Hi Davide, Thank you very much for your kind words and for taking the time to explore our project — we really appreciate your interest. We’re glad to hear that you find the web interface clear and well structured. Regarding your question about Nessus integration: at the moment, the platform does not support importing .nessus files (XML) manually into the vulnerabilities section. Instead, the current approach is to integrate directly with a Nessus instance. After a scan is completed on the Nessus side, the scan results are pushed back to the platform automatically and then correlated with the assets discovered through the existing discovery process. This allows vulnerability data to stay up to date without requiring manual file uploads. You’re correct that there was a Nessus plugin previously; however, the active and supported path today is the direct instance integration rather than file-based ingestion. That said, your suggestion about manually ingesting .nessus files is very valid and useful, and it’s something we may consider for future improvements. Thank you again for your interest and for sharing your thoughts. Please feel free to reach out if you have any further questions or ideas. Best regards, mizhm — Reply to this email directly, view it on GitHub<#266 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AUSNN3FEKBJMIUE5YARIPST4KH6CLAVCNFSM6AAAAACTSXGOGGVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTKNRZGQ4TQOA>. You are receiving this because you authored the thread.Message ID: ***@***.***>