From 392f7a3e2b78a828900b84bb405924fc93585594 Mon Sep 17 00:00:00 2001 From: Jeremy Bonghwan Choi Date: Tue, 10 Dec 2024 10:33:53 +1000 Subject: [PATCH] updated README for Nessus (#271) Co-authored-by: sfowl --- README.md | 28 +++++++++++++++++++++++++--- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index f212106..3c369f6 100644 --- a/README.md +++ b/README.md @@ -6,13 +6,15 @@ RapiDAST (Rapid DAST) is an open-source security testing tool that automates DAS RapiDAST provides: -- Simplified HTTP/API security scanning using [ZAP] +- Automated HTTP/API security scanning using ZAP +- Kubernetes operator scanning using OOBTKUBE +- Automated vulnerability scanning using Nessus (requires a Nessus instance) - Command-line execution with yaml configuration, suitable for integration in CI/CD pipelines - Ability to run automated DAST scanning with pre-built or custom container images - HTML, JSON and XML report generation -- Integration with reporting solutions such as [OWASP DefectDojo](https://owasp.org/www-project-defectdojo/) +- Integration with Google Cloud Storage and [OWASP DefectDojo](https://owasp.org/www-project-defectdojo/) -RapiDAST is used for testing applications, and should not be used on production systems. +RapiDAST is for testing purposes, and should not be used on production systems. ## Quickstart 
@@ -488,6 +490,26 @@ scanners: - formhandler.fields.field(0).value=default ``` +#### Nessus + +Nessus is a vulnerability scanner developed by Tenable, Inc. It helps organizations identify and address security vulnerabilities across various systems, devices, and applications. + +The following is an example to launch a scan: +```yaml +scanners: + nessus: + server: + url: https://nessus-example.com/ # URL of Nessus instance + username: foo # OR username_from_var: NESSUS_USER + password: bar # OR password_from_var: NESSUS_PASSWORD + scan: + name: test-scan # name of new scan to create + folder: test-folder # name of folder in to contain scan + policy: "py-test" # policy used for scan + # timeout: 600 # timeout in seconds to complete scan + targets: + - 127.0.0.1 +``` #### Generic scanner
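Review bot: The `[ZAP]` reference-style link is dropped from the first bullet of the "RapiDAST provides" list in the first hunk, which turns a hyperlink into plain text and leaves any `[ZAP]: ...` link definition elsewhere in README.md orphaned; keep the link (and give the newly added OOBTKUBE and Nessus bullets links too) or confirm the definition line is removed in the same change, e.g. `- Automated HTTP/API security scanning using [ZAP]`.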
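Review bot: The Nessus example in the second hunk puts a literal `username: foo` / `password: bar` in the YAML and only mentions `username_from_var` / `password_from_var` in trailing comments; since this config is meant to be committed for CI/CD use, the example should show the environment-variable form as the primary option and demote the inline credentials to the comment, e.g. `username_from_var: NESSUS_USER # OR username: <user>`. Also, the comment `# name of folder in to contain scan` reads oddly and should be `# name of folder that will contain the scan`, and a blank line is missing between "The following is an example to launch a scan:" and the ```yaml fence, which the other scanner sections in this README include.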