No more typing reviews! Try our Samantha, our new voice AI agent.

Salt Security vs Tenable Nessus comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Salt Security
Average Rating
8.6
Reviews Sentiment
8.5
Number of Reviews
3
Ranking in other categories
API Security (5th), AI Security (21st)
Tenable Nessus
Average Rating
8.4
Reviews Sentiment
6.0
Number of Reviews
88
Ranking in other categories
Vulnerability Management (3rd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Salt Security is designed for API Security and holds a mindshare of 6.9%, down 12.2% compared to last year.
Tenable Nessus, on the other hand, focuses on Vulnerability Management, holds 3.7% mindshare, down 8.5% since last year.
API Security Mindshare Distribution
ProductMindshare (%)
Salt Security6.9%
Imperva Application Security Platform9.2%
Checkmarx One6.7%
Other77.2%
API Security
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Tenable Nessus3.7%
Wiz4.4%
Qualys VMDR3.9%
Other88.0%
Vulnerability Management
 

Featured Reviews

Tbaker Baker - PeerSpot reviewer
Risk Advisory Senior Manager at a marketing services firm with 1,001-5,000 employees
Behavioral AI has protected critical applications and now blocks complex external attacks
I think Salt Security could improve their implementations. The one that I saw was very complex and took quite a bit of time, and if the environment is unique at all, it takes quite a bit of time to figure out how to properly ensure that it will be implemented. A lot of times there is a steep learning curve for someone that hasn't been in it to figure out the APIs and really dig deep into it, but once you get used to it, it is easy. However, that ramp-up period could be tough. I think Salt Security could use a more enterprise focus. Some of the smaller companies that I have referred them to think it is a little bit too complex for them, so if they could come up with a different version or something a little bit easier to simplify their platform, they may be able to find more customers that way.
MohammedJaffir - PeerSpot reviewer
Founder at Cipheroot Cybersecurity Solutions
Has enabled me to reduce false positives and perform deep credential auditing with seamless integrations
I mostly use the configuration audit feature for the audit configuration as a scan policy, and I will use it for credential audit, which helps me scan credentials access such as local administrator or root access, performing a deeper and more accurate check of local configuration settings and file systems, making it a highly recommended feature. Regarding integration capabilities, we can integrate Tenable Nessus with SIM tools such as Splunk, IBM QRadar, and Azure Sentinel, as well as with ticketing systems such as ServiceNow, Jira, and Slack. There is no complexity as it is very easy to integrate everything. In terms of the reporting feature, while vulnerability scanning can throw some false positives, Tenable Nessus has very few, achieving a reduction of 75% to 80% false positives with manual analysis needed. We can generate standard Nessus reports that typically include host summaries and vulnerabilities by host and plugin, alongside solutions and remediation recommendations. The main benefits I get from Tenable Nessus are complete asset inventory and comprehensive attack surface management, allowing us to prioritize vulnerabilities based on risk, focusing on true risk and threat path analysis.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Salt Security gives you visibility of all your APIs, identifies API security issues, and immediately alerts you of attacks."
"Salt Security has positively impacted my organization and my client's organization by being able to stop cyberattacks and ensure that they have proper security over all their applications, giving them a sense of peace of mind that they have security over something that could ultimately take down the whole company if not mitigated properly."
"Salt Security gave me much better visibility into API risk, helping me identify exposed endpoints, misconfigured APIs, and sensitive data flowing through APIs that required additional controls, and it has become an important part of my API security program."
"It's really great. I would rate the stability a nine out of ten. I haven't encountered any instability issues."
"Tenable Nessus is one of the best vulnerability assessment tools, that I know."
"The main benefits I get from Tenable Nessus are complete asset inventory and comprehensive attack surface management, allowing us to prioritize vulnerabilities based on risk, focusing on true risk and threat path analysis."
"It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal."
"The predictive prioritization features are spot-on, and I enjoy how it actually gives me a prioritization that I can address and it associates it with a known vulnerability."
"Ease of reviewing scores, identifying vulnerabilities, and getting information on them."
"Tenable Nessus is a very scalable solution."
"Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips at documentation), tests against cloud providers, database profiles, several types of telecom devices, and others highly customizable scans."
"It is a mature tool."
 

Cons

"Regarding scalability, for users in smaller environments, it is not exactly the best."
"The setup cost was acceptable, but adding additional APIs was actually quite expensive."
"The integration part could be a bit extended."
"The professional version is not very scalable. It's not really scalable considering the number of assets and clients that I have."
"Vulnerability recommendations are outdated and not in line with industry standards."
"They have added a new Tenable Nessus Expert. That is their new product, which caters to the cloud and everything else. I am assuming that the new features and product enhancements are based on that tool set, but we haven't reviewed it yet."
"There should be a possibility to install agents on scanned machines. Tenable IO provides the capability of using local agents to check local problems, but this feature is not there in Tenable Nessus Professional. It would be nice to have something similar in Tenable Nessus Professional. We should have the capability to use local agents installed on the machines to locally check a problem."
"From my point of view the solution basically is not for the big enterprise."
"The reports are okay, but the interface is a bit difficult to navigate in some cases."
"We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux."
"They should try to create an all-in-one solution."
 

Pricing and Cost Advice

Information not available
"We have a subscription, the licensing fees are paid yearly, and I am using the latest version."
"The price of the solution is reasonable."
"The solution has free options."
"I would like to see better discounts."
"Our organization is huge so our license costs $30,000."
"The solution is worth the cost. It's a good investment."
"Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
"It has a fair cost and very good cost-benefit ratio."
report
Use our free recommendation engine to learn which API Security solutions are best for your needs.
904,146 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Manufacturing Company
16%
Construction Company
8%
Comms Service Provider
6%
Manufacturing Company
10%
Financial Services Firm
10%
Government
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business40
Midsize Enterprise19
Large Enterprise35
 

Questions from the Community

What is your experience regarding pricing and costs for Salt Security?
My experience with pricing, setup cost, and licensing is that I think it was affordable. For smaller companies, it might be a barrier to entry, but for the large enterprise that I was working with,...
What needs improvement with Salt Security?
I think Salt Security could improve their implementations. The one that I saw was very complex and took quite a bit of time, and if the environment is unique at all, it takes quite a bit of time to...
What is your primary use case for Salt Security?
My main use case for Salt Security is that one of my clients uses it as a security vendor for their security across all of their overlying applications. I can give you a specific example of how my ...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid...
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation t...
What is your experience regarding pricing and costs for Tenable Nessus?
Based on my experience, the pricing for Tenable Nessus is somewhat higher, but customers still want to pay for it, so it remains acceptable. The annual price increase of six to seven percent could ...
 

Also Known As

Salt Security API Protection Platform
No data available
 

Overview

 

Sample Customers

Appsflyer, Armis, City National Bank, Coralogix, Finastra, Gett, Honeybook, Payoneer
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Find out what your peers are saying about Imperva, Akamai, Orca Security and others in API Security. Updated: June 2026.
904,146 professionals have used our research since 2012.