We performed a comparison between JFrog Xray and Tenable Nessus based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."JFrog Xray's reporting feature has a lot of options in it, including scanning."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"Good reporting functionalities."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"The solution is stable and reliable."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"The most valuable feature is the installation of Tenable which is incredibly easy."
"The plug-in text information is quite useful."
"Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches."
"We looked at Tenable, Qualys and Rapid7. We found Tenable was the best of all three."
"The most valuable feature of Tenable Nessus is website scanning."
"It also has an executive report where you don't have to provide the client all the detail for them to sift though. But if they wish to dig through the detail they can."
"The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies."
"The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing."
"Lacks deeper reporting, the ability to compare things."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"JFrog Xray does not have a dashboard."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"JFrog Xray's documentation and error logging could be improved."
"The professional version is not very scalable."
"There could be an integration between Tenable Nessus and other Tenable products. It will help us manage all the solutions using one dashboard."
"The accuracy of the vulnerability assessment is not up to par yet, as false alarms and false positives occur often."
"Scans aren't done properly and some devices aren't pinged."
"The tool needs to upgrade asset tracking."
"The price could be reduced."
"The solution could improve security updates."
"In Nessus Professional, the main drawback was that we could have a single-user login password. So it could be better in terms of security."
JFrog Xray is ranked 17th in Vulnerability Management with 7 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. JFrog Xray is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and Trivy, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Vulnerability Management, Tenable Security Center and Pentera. See our JFrog Xray vs. Tenable Nessus report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.