This project focuses on conducting an analysis of Nessus vulnerability scan results using Excel spreadsheet. It aims to provide an organized and efficient method for interpreting the scan data and identifying vulnerabilities.

To get started with the vulnerability scan analysis, follow these steps:

1. Locate the scan results repository (e.g., SharePoint).


2. Download a copy of the raw scan results to be analyzed.






3. Start the analysis by removing unwanted information on the scan results and sorting them by criticality.


4. Analyze the results based on vulnerability plugin ID.



5. Send the analyzed scan results to the system administrators, notifying them of the identified vulnerabilities.


6. If any vulnerability cannot be remediated within the organization's time frame for fixing vulnerabilities (e.g., 30 days), create a Plan of Action and Milestones (POA&M).

Here are the following references used in this project:

• Nessus - https://www.tenable.com/products/nessus
• FedRAMP Template - https://www.fedramp.gov/documents-templates/