Forum Discussion

Altocumulus

May 05, 2025

Can i import nessus vulnerability scanner report?

Dear All Hope you all are doing well. Can anyone tell me how to import the Nessus vulnerability scanner report to protect my application until the vulnerabilities are fixed in F5 Big-IP WAF? I foun...

security

VishnuGatla

Cumulonimbus

Jun 03, 2025

Hi RockBD,

I’m sure you’ve already figured it out, but here’s my answer

You cannot directly import a Nessus vulnerability scanner report into ASM/WAF and ASM natively supports importing vulnerability reports from certain scanners (such as Qualys, IBM AppScan, HP WebInspect, Trustwave, WhiteHat, and others) and also supports a "Generic Scanner" XML format that must conform to F5's schema.

To use a Nessus report, you would need to convert it to the "Generic Scanner" XML format that matches the BIG-IP ASM schema (generic_scanner.xsd). This is not a built-in feature of Nessus and would require custom scripting or manual conversion.

Please follow the steps as described in the community:

Nessus 6 XSLT Conversion for ASM Generic Scanner Import | DevCentral

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)