I'm using Tenable Nessus for my personal projects and vulnerability assessment, but I can't discuss what I do at work with you.
Information Technology Security Specialist at a tech services company with 201-500 employees
A remote security scanning tool that's pretty good to optimize
Pros and Cons
- "I have experience with it on my attack stations, and it's pretty good to optimize. Personally, I think Nessus is quite a good product."
- "Some things in the user interface could be better. The user interface could allow more adjustments to plugins. The price could also be better."
What is our primary use case?
What is most valuable?
I have experience with it on my attack stations, and it's pretty good to optimize. Personally, I think Nessus is quite a good product.
What needs improvement?
Some things in the user interface could be better. The user interface could allow more adjustments to plugins. The price could also be better.
For how long have I used the solution?
I have been using Tenable Nessus as a worker in America for about 15 years now.
Buyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
How are customer service and support?
Technical support could be more knowledgeable. Their support right now goes from awkward to funny. Sorry to say that, but Tenable Nessus support isn't working as it should. They act fast, but their solutions don't always work. I've been in several situations at work where I had to find my own solutions.
How was the initial setup?
The initial setup and installation are pretty straightforward. Let's say 15 minutes to compile the plugin. It would take about half an hour to an hour to set up and deploy.
What's my experience with pricing, setup cost, and licensing?
One problem with Tenable is its pricing policy. Optimal results can be achieved with Greenbone Solutions which has much more friendly pricing policies.
What other advice do I have?
On a scale from one to ten, I would give Tenable Nessus an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
VP - Risks, Audits & InfoSec at a tech services company with 501-1,000 employees
I like its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually
Pros and Cons
- "The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable."
- "In terms of what could be improved, I would say its reporting portion."
What is most valuable?
The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable.
What needs improvement?
In terms of what could be improved, I would say its reporting portion.
Additionally, we have the on-prem version, but sometimes we want to have an on-cloud deployment as well for certain projects, although not so many. The people who used it on cloud didn't find it as good as the version they were using on-prem. Overall, the cloud version could be improved.
For how long have I used the solution?
I have been using Tenable Nessus for about three years now. We are currently using the latest version.
What do I think about the stability of the solution?
In terms of stability, recently we are seeing many updates coming in and we are finding that the updating model with its latest releases may be a little buggy. So sometimes deployment may take a couple of times and Nessus takes its own time for updating, thereby delaying the deployment time. Of late is, we are seeing updates coming in very frequently. So when we deploy it, it just updates again and again and that almost doubles the time.
What do I think about the scalability of the solution?
Tenable Nessus is scalable. That's not an issue.
How are customer service and technical support?
We did reach out to technical support. I think it was just once, but it took them a long time to respond. Maybe it was case specific, but they took a few days to get back to us and we didn't expect that. Now they've completely changed the model to email support, so we send the email and we'll have to wait until the guys answer us back.
How was the initial setup?
The initial setup on-prem and on-cloud did not have any issues. It just took a couple of hours.
What other advice do I have?
On a scale of one to ten, I would give Tenable Nessus an eight.
What happens is Nessus keeps on updating and this becomes a showstopper. We are unable to proceed with the vulnerability scans or testing if we do not update to the latest available patch. We can understand the risk if it's maybe one version earlier, meaning, we understand something was updated with XYZ patch but there should be something which gives us an option so that not all of our deployments need to have the latest patch. This would save the deployment time because of frequent updates.
I would recommend Tenable Nessus. Especially the commercial model. We operate in small and medium enterprises and for them, Nessus is becoming expensive. Because of this I may not buy Nessus this year and I might switch to Qualys, for example. Overall, Tenable Nessus is not so price pocket friendly for small and medium users.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Security Professional at a tech vendor with 10,001+ employees
An affordable product that needs to improve the reporting function
Pros and Cons
- "I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities."
- "We have had some false positives in the past, which we hope can improve in the future."
What is our primary use case?
Primarily, I use this for assessment and administration testing.
What is most valuable?
I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning and identifying instabilities.
What needs improvement?
The reporting functionality needs improvement. I think it would be beneficial to have a high level explanation for a particular user.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
It is very stable, based on our past experience. We have had some false positives in the past, which we hope can improve in the future.
What do I think about the scalability of the solution?
The scalability is fine. It is tied to the licensing agreement. We currently have 20 people using this tool in our organization. It is primarily used by people in our cellular team. If we see a need to add more users in the future, we will renegotiate our licensing agreement to do so.
How are customer service and technical support?
We have not needed to contact tech support much. We contacted them about the false positives, and they were helpful.
Which solution did I use previously and why did I switch?
We also evaluated Netplus.
How was the initial setup?
The installation is very straightforward and easy. We did not use a third-party installer.
What's my experience with pricing, setup cost, and licensing?
I think the price is fairly affordable. It provides a license that is fair.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Security Engineer at a tech services company with 11-50 employees
Easy to deploy and use, and integrates well with our systems
Pros and Cons
- "Tenable integrates well with other solutions such as SIEM and batch management."
- "Pricing is one of the most important features, and it is something that they can improve on."
What is our primary use case?
We are a solution provider and Tenable Nessus is one of the products that we implement for our clients.
The primary task that Tenable is focused on is vulnerability management.
What is most valuable?
This solution is easy to use.
It has a powerful set of features.
Tenable integrates well with other solutions such as SIEM and batch management. This is one of the things that we do to add value for our customers.
For how long have I used the solution?
I have been working with Tenable Nessus for approximately nine years. This included six years with my previous company and another three years in my current organization.
What do I think about the stability of the solution?
The stability is good.
What do I think about the scalability of the solution?
This is a scalable product.
How are customer service and support?
The support, as well as the portal, is very good.
How was the initial setup?
The deployment is very easy to do. It takes less than one hour to complete.
What's my experience with pricing, setup cost, and licensing?
Pricing is one of the most important features, and it is something that they can improve on.
Which other solutions did I evaluate?
In my region, our customers prefer Tenable over other products, like those offered by Qualys. They have approximately 80% of the market share.
What other advice do I have?
Tenable is the best vulnerability management product in the world, and I recommend it.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Managing partner at a tech services company with 51-200 employees
We can deliver a high level of consulting using this product.
Pros and Cons
- "We looked at Tenable, Qualys and Rapid7. We found Tenable was the best of all three."
- "From my point of view the solution basically is not for the big enterprise."
How has it helped my organization?
This is something that allows us to quickly get a really important information context. We can now deliver highly professional consulting using the product.
What needs improvement?
From my point of view, the solution basically is not for large enterprises. I also think there should be built-in plugins for the public cloud vendors.
What do I think about the stability of the solution?
I'm happy with stability, there's no problem from my point of view.
What do I think about the scalability of the solution?
For an average sized company or for smaller enterprises, this solution is suitable. But, for large enterprises it's not a good choice. We have one customer with more than 5,000 servers. I do not think it will be suitable for that customer.
How are customer service and technical support?
We communicated via email to solve our issue. The experience was quite good for us.
Which solution did I use previously and why did I switch?
We switched because our previous solution was too expensive for us.
What's my experience with pricing, setup cost, and licensing?
My advice when choosing a vendor is to always consider:
- Trustworthiness
- Quality
- Price
Which other solutions did I evaluate?
We looked at Tenable, Qualys and Rapid7. We found Tenable was the best of all three.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CyberSecurity Specialist at a tech services company with 11-50 employees
Easy to set up with scanning capabilities and good integration options
Pros and Cons
- "Its initial setup was simple and straightforward."
- "Online learning could be a bit better."
What is our primary use case?
We're mainly doing vulnerability scanning with Nessus.
What is most valuable?
The scanning capabilities are very good.
The integration is very easy.
Its initial setup was simple and straightforward.
The solution is stable.
What needs improvement?
I haven't explored a lot of features just yet.
Online learning could be a bit better. It would help people understand the product better.
I'd like it to have an easier wizard, for example, "click here and this will deploy everything" or "this would help you get the correct things in place for correct scanning," et cetera.
For how long have I used the solution?
I've been using the solution for two years.
What do I think about the stability of the solution?
The stability has been good. Its performance is reliable. There are no bugs or glitches. it doesn't crash or freeze.
What do I think about the scalability of the solution?
I'm the only person using the solution.
I don't have plans to increase usage.
How was the initial setup?
The solution is easy to implement. It's not difficult or complex.
I was trying to do Tenable SC at some point, however, I gave up on that one.
The deployment takes about two weeks.
What's my experience with pricing, setup cost, and licensing?
I don't really deal with the pricing aspect of the product. I can't speak to the exact price.
What other advice do I have?
I'm a partner and customer.
I'd rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Vulnerability ManagementPopular Comparisons
Microsoft Intune
Microsoft Defender for Cloud
Qualys VMDR
Tenable Security Center
Tanium
Rapid7 InsightVM
Tenable Vulnerability Management
Orca Security
Pentera
Acunetix
JFrog Xray
Claroty Platform
Skybox Security Suite
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Qualys VM vs Tenable Nessus: Comparison
- How would you choose between Rapid7 InsightVM and Tenable Nessus?
- What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
- How does Tenable Nessus compare with Qualys VM?
- What are the main differences between Qualys VMDR and Tenable Nessus?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?