I use Tenable Nessus for vulnerability assessment so that you can scan for CVEs and existing CVEs. Tenable Nessus will show you the latest update on those vulnerabilities and where it needs patches, so it goes hand in hand with patch management. As soon as you scan, you can see whether it needs patching, and if needed, you can go ahead and deploy patch management to address the current issue.
Security Infrastructure Engineer at NP Secure Co.,Ltd
A vulnerability assessment tool with patch management capabilities that offers ease of deployment
Pros and Cons
- "The initial setup of Tenable Nessus is very easy."
- "The problems I faced with Tenable Nessus were related to its dashboard's customization capabilities and its ability to provide data to third-party sources."
What is our primary use case?
What is most valuable?
The most valuable features of the solution are the policy and the active scan. The features are different for Tenable Security Center since it is more on an on-premises model. The solution also has features like Tenable.io and Tenable Web App Scanning.
What needs improvement?
I wouldn't want to change anything about Tenable Nessus since I haven't found or run into any issues in Tenable Nessus.
I like Tenable since I find everything related to the solution simplified and easy to use. You can approach the online community of Tenable when you run into a problem, and there is a bunch of information available there that you can gather and use for troubleshooting purposes.
I faced some problems with Tenable Nessus when dealing with some of our company's customers in China. The problems I faced with Tenable Nessus were related to its dashboard's customization capabilities and its ability to provide data to third-party sources. The solution should offer simplified data-sharing capabilities. Though we have the dashboards and can customize them, the options for customization are available in the templates provided by Tenable Nessus. It might not be possible with Tenable Nessus to add every component a person wants to a single dashboard since they can only choose whatever is available on the templates provided by Tenable Nessus. The aforementioned areas can be considered for improvement in the solution.
For how long have I used the solution?
I have been using Tenable Nessus for two months. My company operates as a reseller of the product while also having a partnership with the solution.
Buyer's Guide
Tenable Nessus
November 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
Stability-wise, I rate the solution an eight out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the solution an eight out of ten.
Around 90 percent of our company's customers work with Tenable Nessus.
How are customer service and support?
For the solution's technical support, our company directly seeks help from the solution's vendor in Vietnam or Singapore, who are very responsive. I rate the technical support an eight out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of Tenable Nessus is very easy. You can get the application's installation file and implement it faster than ManageEngine, making it a simple process. I rate the initial setup of Tenable Nessus a nine out of ten.
The solution is deployed on an on-premises model.
With Tenable Nessus, you have a file, and you just need to install it. In the on-premises model of the solution, you have a dashboard or console that you go to, which is like an internal website that you have set up so that you can get access to the on-premises version of the product.
What's my experience with pricing, setup cost, and licensing?
I rate the product's price seven or eight on a scale of one to ten, where one is low price and ten is high price.
What other advice do I have?
Tenable Nessus is a great tool. I believe everyone should be using Tenable Nessus since it is a tool that can be used for vulnerability assessment when companies face some vulnerabilities to find security holes or threats.
I rate the overall solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Senior Manager at a security firm with 201-500 employees
Quickly scans and detects new vulnerabilities
Pros and Cons
- "Tenable Nessus is cheap and flexible."
- "The professional version is not very scalable."
What is our primary use case?
We use Tenable Nessus to provide service to our bank.
I use it to provide our main service related to our big management.
Other than providing information security to our clients, it is our information security provider, service provider — we manage it. Using Nessus, we are able to scan and locate any potential vulnerabilities that our clients may have and point them out to them.
I am not sure how many users we have using this solution, but we have more than 100,000 assets distributed between roughly 40 clients.
What is most valuable?
Tenable Nessus is cheap and flexible.
What needs improvement?
Currently, they don't have all of the features that I am looking for. I am looking for a technology that installs agents into the machines to perform complicated scanning. That's a good feature that I'm looking for.
Our issues are not all due to Tenable Nessus; we have more than one console that we administrate.
For how long have I used the solution?
I have been using this solution for 10 to 15 years.
I use this solution on a regular basis at my current company. I used it at my previous company as well.
What do I think about the stability of the solution?
This solution is quite stable.
What do I think about the scalability of the solution?
The professional version is not very scalable. It's not really scalable considering the number of assets and clients that I have.
Many of our clients would like to switch to a better solution.
How are customer service and technical support?
The technical support is great. We have called them a few times and they have always helped us.
How was the initial setup?
The initial setup was pretty straightforward. Within a week we had set up all of the infrastructure and were ready to deploy.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Tenable Nessus
November 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
Network Team Lead at Atlas Security
Easy to deploy, stable, and scalable solution for vulnerability scans and assessments but can be very slow
Pros and Cons
- "The most valuable feature is the installation of Tenable which is incredibly easy."
- "The accuracy of the vulnerability assessment is not up to par yet, as false alarms and false positives occur often."
What is our primary use case?
We use Tenable to scan all the workstations in our government environment for vulnerabilities and outdated software. The Tenable agents installed on the PCs enable us to detect any potential security risks or applications that are not up-to-date, malicious, or suspicious. This helps us ensure that all the PCs are secure and are in good posture.
What is most valuable?
The most valuable feature is the installation of Tenable which is incredibly easy. Even those without extensive technical knowledge can do it. All we need is the license and a few clicks through the installation process which is simple. Once the program is installed on all PCs and servers, we're good to go!
What needs improvement?
The solution can be annoyingly slow.
The pricing is a bit high.
We would like to see the inclusion of penetration testing capabilities if possible.
Tenable has been mostly used in the on-premise environment, so it would be great if they could improve the transition to the cloud.
The accuracy of the vulnerability assessment needs improvement as false alarms and false positives occur often. Applications are often flagged as critical when they are actually benign. To improve user experience, there needs to be an upgrade in the accuracy of the results and a more user-friendly interface.
Sometimes it can be difficult to adjust the policies. When the solution has been previously installed. Making changes to policies requires navigating multiple steps. This process can be time-consuming and potentially confusing. Expert knowledge may be necessary in certain cases.
For how long have I used the solution?
I have been using the solution for four years.
What do I think about the stability of the solution?
There has been an improvement over the years and the solution is now extremely stable.
What do I think about the scalability of the solution?
We can easily scale up our license to support more devices. By increasing our license, we can add more workstations.
How are customer service and support?
The technical support is outstanding. We encountered some difficulties during our initial deployment, yet they persisted in helping us all day long. Their support team is very competent.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward.
The deployment took us two days to install the SoC on all 100 of our workstations.
What's my experience with pricing, setup cost, and licensing?
The solution is expensive. We lost bids to competing companies due to the pricing; there are cheaper alternatives to Tenable such as Rapid7 InsightVM.
What other advice do I have?
I give the solution an eight out of ten.
We have 100 workstations that all use the solution.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at a university with 1,001-5,000 employees
Easy to deploy, simple to use, and offers great vulnerability assessments
Pros and Cons
- "It's scalable."
- "It would be a good idea if they have a simulation of attacks or a use case for finding a new vulnerability or dealing with a zero-day attack."
What is our primary use case?
My company uses Tenable as a vulnerability assessment.
We use it for scanning, for the discovery of vulnerabilities in the components or the software, or on the IT infrastructure of our client.
What is most valuable?
The solution can conduct a full vulnerability assessment and also suggest mitigation of vulnerabilities and has a lot of other features.
It creates a classification of the vulnerability and the likelihood and the impact on other features.
The solution is easy to deploy and simple to use.
It's scalable.
The solution is stable.
What needs improvement?
It would be a good idea if they have a simulation of attacks or a use case for finding a new vulnerability or dealing with a zero-day attack.
Right now, it works based on dealing with a vulnerability that is already detected and reported, and it would be great if they have a combination of a vulnerability that existed and another use case to have a more proactive approach to potential new issues. Therefore, doing a simulation of attacks to find a new or zero-day issue or vulnerability would be helpful.
For how long have I used the solution?
I've been using the solution for more than two years.
What do I think about the stability of the solution?
The solution is very stable and reliable. I'd rate it four or five out of five. The performance is good. There are no bugs or glitches, and it doesn't crash or freeze.
What do I think about the scalability of the solution?
It is very scalable. I'd rate it a four or five out of five in terms of the ease of expansion.
We would use Nessus to conduct a vulnerability assessment. How many people use the solution depends on the client. Maybe five or six people from the engineering side use it in general.
We have a new client coming on, and we will require more users on the product to conduct vulnerability assessments, so we do have plans to increase usage.
How are customer service and support?
I've never had any interaction with customer support. The solution works very well, and we haven't needed help.
How was the initial setup?
The initial setup is very straightforward. It's not overly difficult, or complex.
I cannot recall how long the deployment process took.
What about the implementation team?
Our technical team handled the deployment.
What's my experience with pricing, setup cost, and licensing?
Another department handles the licensing. I can't speak to the exact costs. I do know that we pay a yearly licensing fee.
Which other solutions did I evaluate?
We would like to discover other solutions and do a comparison to see the better solution for our clients. We've, for example, tried to look into Cyber XM.
What other advice do I have?
We are just end-users and customers.
I'm not sure which version of the solution we're using.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Director at Monal Tech Pvt.Ltd.
Beneficial website scanning, reliable, and scales well
Pros and Cons
- "The most valuable feature of Tenable Nessus is website scanning."
- "The solution could improve security updates."
What is our primary use case?
Our clients use Tenable Nessus to find vulnerabilities in websites and infrastructure.
What is most valuable?
The most valuable feature of Tenable Nessus is website scanning.
What needs improvement?
The solution could improve security updates.
For how long have I used the solution?
I have been using Tenable Nessus for approximately three years.
What do I think about the stability of the solution?
The solution is stable.
I rate the stability of Tenable Nessus a seven out of ten.
What do I think about the scalability of the solution?
I am the only one using this solution.
I rate the scalability of Tenable Nessus a seven out of ten.
How are customer service and support?
I rate the support of Tenable Nessus a six out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
The setup is easy. We use the deployment manual and followed the steps.
I rate the initial setup of Tenable Nessus a nine out of ten.
What's my experience with pricing, setup cost, and licensing?
The price is high for the solution. There are free tools with similar functionality available. The solution cost approximately $3,500.
I rate the price of Tenable Nessus a six out of ten.
What other advice do I have?
I would recommend this solution to others.
I rate Tenable Nessus a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Chief Executive Officer at a outsourcing company with 11-50 employees
User-friendly, easy to install, has good functionality, and technical support
Pros and Cons
- "The results are not that bad, but the key selling point is that it is an affordable tool set."
- "They have added a new Tenable Nessus Expert. That is their new product, which caters to the cloud and everything else. I am assuming that the new features and product enhancements are based on that tool set, but we haven't reviewed it yet."
What is our primary use case?
We use Tenable Nessus for vulnerability scanning.
What is most valuable?
The results are not that bad, but the key selling point is that it is an affordable tool set.
It is a very easy tool to use.
We are happy with the existing features.
We are happy with the functionality, and what we get from the tool.
What needs improvement?
I am not sure. I see they have released new products that we haven't yet evaluated. I believe the new products are the opportunity for improvement that they are bringing to market. But for the time being,
They have added a new Tenable Nessus Expert. That is their new product, which caters to the cloud and everything else.
I am assuming that the new features and product enhancements are based on that tool set, but we haven't reviewed it yet.
For how long have I used the solution?
I have been working with Tenable Nessus for 10 years.
It's a proper toolkit, it goes a long way with us.
We are working with the latest version.
What do I think about the stability of the solution?
Tenable Nessus is very stable.
I would rate the stability of this solution a five out of five.
What do I think about the scalability of the solution?
Tenable Nessus is a scalable solution, I would rate the scalability a five out of five.
It is based on the number of endpoints. We have 1,500 endpoints in our company.
How are customer service and support?
We can contact technical support using their web console. We can log a support ticket as end users, although we seldom use this feature.
I would rate their technical support a five out of five.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are also working with Rapid7 InsightVM.
It is not as good as Rapid7 from our perspective, but it is part of our toolbox arsenal. As a result, we have it on board and solely use it internally.
How was the initial setup?
It is very easy to deploy.
This solution was deployed in 30 minutes, or less. It is very easy. It is straightforward, and out of the box.
What about the implementation team?
The deployment was completed in-house. We did it ourselves.
We only need one engineer to deploy and maintain this solution.
What was our ROI?
I would rate the return on investment a five out of five.
What's my experience with pricing, setup cost, and licensing?
Cost-wise, it's an affordable tool.
Licensing fees are paid annually.
I would rate the licensing cost a five out of five.
What other advice do I have?
I would rate Tenable Nessus a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Consultant - Cyber Security Services at a computer software company with 10,001+ employees
The most dynamic solution on the market
Pros and Cons
- "The solution is the most dynamic one I have seen thus far."
- "EQA's and dashboards should be addressed in the next release."
What is our primary use case?
We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers.
How has it helped my organization?
The solution was a great help during the pandemic for closing down all those open vulnerabilities. Continuous scanning of the infra was helpful for identification on the web applications level.
What is most valuable?
The solution is the most dynamic one I have seen thus far. It is one of the best available solutions. It is the best vulnerability tool that is available at present.
What needs improvement?
While Tenable Nessus is a good enterprise solution, the high price would likely make it prohibitive to smaller organizations.
We feel the licensing cost to be too high for our customers and us.
EQA's and dashboards should be addressed in the next release.
For how long have I used the solution?
We have been using Tenable Nessus for four or five years. I believe that our practice team is doing so.
What do I think about the stability of the solution?
The solution is highly reliable.
What do I think about the scalability of the solution?
Scalability is not an issue.
How are customer service and support?
Tech support is good. I think we are now partnered with Tenable.
How was the initial setup?
The initial setup was straightforward. The solution was very easy to set up and configure.
What's my experience with pricing, setup cost, and licensing?
We have a yearly subscription license.
We have a partnership for filling Tenable Nessus as a manager product for our customers.
Though it is a good enterprise solution, it is likely too highly priced for smaller organizations.
We feel the licensing cost to be too high for our customers and us.
What other advice do I have?
We have both on-premises and cloud-based deployment in our organization.
The solution is good.
I rate Tenable Nessus as a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Network Security Delivery Manager at alascom
Useful report, responsive technical support, and installation straightforward
Pros and Cons
- "I have found the vulnerability assessment and the reports to be useful."
- "The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have."
What is our primary use case?
We use Tenable Nessus for vulnerability assessments.
What is most valuable?
I have found the vulnerability assessment and the reports to be useful.
What needs improvement?
The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have. Additionally, After Tenable Nessus was able to recognize the vulnerability it would be great to have it virtually batch the systems if you are not able to update the different systems.
For how long have I used the solution?
I have been using Tenable Nessus within the last 12 months.
What do I think about the stability of the solution?
While doing the scans we have not had any issues, the solution is stable.
What do I think about the scalability of the solution?
Tenable Nessus is scalable.
How are customer service and technical support?
The technical support was responsive and helpful. We were trying different integrations and needed some assistance.
Which solution did I use previously and why did I switch?
How was the initial setup?
The initial setup is very easy and straightforward. The VM can be done very quickly and the whole process takes approximately 30 minutes. The installation is quicker than others solutions, such as Qualys.
What's my experience with pricing, setup cost, and licensing?
The price of the solution is reasonable.
What other advice do I have?
I rate Tenable Nessus an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Vulnerability ManagementPopular Comparisons
Microsoft Defender for Cloud
Qualys VMDR
Tenable Security Center
Tanium
Tenable Vulnerability Management
Orca Security
Pentera
Acunetix
JFrog Xray
Claroty Platform
Lacework FortiCNAPP
Skybox Security Suite
Microsoft Defender Vulnerability Management
Rapid7 Metasploit
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Qualys VM vs Tenable Nessus: Comparison
- How would you choose between Rapid7 InsightVM and Tenable Nessus?
- What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
- How does Tenable Nessus compare with Qualys VM?
- What are the main differences between Qualys VMDR and Tenable Nessus?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?