Try our new research platform with insights from 80,000+ expert users

Cisco Vulnerability Management (formerly Kenna.VM) vs Tenable Nessus comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Cisco Vulnerability Managem...
Average Rating
8.0
Number of Reviews
1
Ranking in other categories
Cisco Security Portfolio (11th), Risk-Based Vulnerability Management (18th)
Tenable Nessus
Average Rating
8.4
Number of Reviews
78
Ranking in other categories
Vulnerability Management (1st)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cisco Vulnerability Management (formerly Kenna.VM) is designed for Risk-Based Vulnerability Management and holds a mindshare of 3.1%, up 1.5% compared to last year.
Tenable Nessus, on the other hand, focuses on Vulnerability Management, holds 13.2% mindshare, down 16.3% since last year.
Risk-Based Vulnerability Management
Vulnerability Management
 

Featured Reviews

AshishPaliwal - PeerSpot reviewer
May 19, 2022
Offers contextual prioritization and risk-based remediation of vulnerability
An improvement would be some sort of an integration with any GRC suite. There are a lot of GRC suites available, like Archer, MetricStream, Rsam, Protiviti, for example. So how would a solution like this work if my company has already invested thousands or maybe millions in a GRC solution? Do I still need it and how does it fit into an existing SAP environment? There could be interoperability, having more data sources, integrating Splunk, Qualys, FireEye, Rapid7, Carbon Black. I'm sure all that can be done to an extent, with a little more insight and a little more accuracy on the industry numbers and trends. I'd like the solution to offer any sort of assistance in any way with the remediation part, not just identification of vulnerability risk, and that is second.
Matthew Weisler - PeerSpot reviewer
Feb 16, 2023
Unlimited assets for one price and quick, agentless results
I implement the solution as a vulnerability management tool for client use cases. It can be used for public factors because it sits right where you have tie in and bleeds over or in between other tools as another piece in the EDR puzzle. The solution identifies vulnerabilities, applies patches, and…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The risk context of any vulnerability is a valuable feature."
"The most valuable feature of Tenable Nessus is website scanning."
"It allows me to prioritize efforts and utilize effective technical resources."
"The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing."
"The most valuable feature of Tenable Nessus is the dashboard. They are convenient to use."
"The most valuable aspect of this solution is that you receive the entire report, which details the breakdown, especially in terms of critical, high, low, and mediums."
"We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure."
"Makes ransomware checking and OS auditing and implementation relatively easy."
"We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle."
 

Cons

"An improvement would be some sort of an integration with any GRC suite."
"It wasn't very clear how the scripts are running the scans. There's information about the script but it's not straightforward. The script information for each of the plugins should be available, but it doesn't give us straightforward direct information about how it was executed. That needs to be more clear."
"I would like to see more on the automation side."
"Tenable Nessus could improve by having more steady updates which will reduce the vulnerabilities."
"It would be a good idea if they have a simulation of attacks or a use case for finding a new vulnerability or dealing with a zero-day attack."
"The reports are okay, but the interface is a bit difficult to navigate in some cases."
"The solution should be able to support more devices."
"Pricing is one of the most important features, and it is something that they can improve on."
"Remediation needs improvement."
 

Pricing and Cost Advice

"I think the pricing is based on the number of endpoints, so it's more subscription-based."
"Tenable Nessus needs to be licensed. We own a license for the security center and that license is charged by the number of IP addresses that you can scan. You're allowed to have as many scanners as you want and there's no license for the number of scanners. We have a bunch of Nessus scanners out there, and as long as we're comfortable with staying under that IP address limit, that's really all we have to be concerned about."
"The solution is worth the cost. It's a good investment."
"The price is high for the solution. There are free tools with similar functionality available. The solution cost approximately $3,500."
"Its price is high for Libya. The companies here in Libya don't have the awareness of and a good budget for cybersecurity services. If you want them to go for a product, you need to provide something different. This differentiation is related to the price. They should give about 40% to 45% discount per person on the current cost."
"There is an annual license required to use this solution."
"I think the price is fairly affordable. It provides a license that is fair."
"The price of Tenable Nessus is too expensive for each service center."
"Our organization is huge so our license costs $30,000."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
24%
Financial Services Firm
15%
Insurance Company
7%
Manufacturing Company
7%
Educational Organization
39%
Computer Software Company
10%
Government
7%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

Ask a question
Earn 20 points
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation t...
What do you like most about Tenable Nessus?
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equi...
 

Also Known As

Kenna.VM, Kenna Security, Kenna, Kenna Security Platform
No data available
 

Learn More

 

Overview

 

Sample Customers

TransUnion
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: October 2024.
814,649 professionals have used our research since 2012.