Automated Test Harness integrates Nessus
Nessus Scans are now working as part of the ATH. This means that the scans are automatically triggered each day on a freshly installed system, rather than having to manually setup and run every time. Each time the ATH is kicked off, a new VM system is deployed, which installs the OS and the latest bundles. After carrying out the usual functional automated testing, a scan is run on each of the systems (web interface system and the backend system). Once the scan is complete a pdf report is created, which provides a summarised list with the severity ranging from Info, Low, Medium, High and Critical; followed by detailed information of each check (such as the description, solution, Risk Factor).
The ATH will fail the test on any severity other than Info. This will get flagged up in the ATH report on Jenkins, which means any regressions or new issues can be communicated with engineering immediately.