Tenable Nessus Reviews

We are using Tenable Nessus real-time monitoring.

The most valuable feature of Tenable Nessus is real-time monitoring.

Tenable Nessus could improve by having more steady updates which will reduce the vulnerabilities.

I have been using Tenable Nessus for approximately 10 years.

Tenable Nessus is a stable solution, we are fairly satisfied.

I rate the scalability of Tenable Nessus an eight out of ten.

Most of the people using this solution at this time are managers.

The technical support has been very useful. They are helpful.

I rate the technical support from Tenable Nessus a four out of five.

The initial setup has been straightforward. However, we are trying to roll out our agents and find all of our devices which we have experienced some challenges. The whole process has taken us approximately three months.

We are doing the implementation in-house.

I would advise others that if this solution fits your use case then I would try it out. Different environments require different solutions.

I rate Tenable Nessus an eight out of ten.

We're using Tenable Nessus to manage vulnerabilities.

What I like most about Tenable Nessus is its vulnerability scanning feature.

A room for improvement which I see in Tenable Nessus is the inventory management function.

I've been working with Tenable Nessus for two years now.

I'm satisfied with the stability of Tenable Nessus.

We have not tried to scale up Tenable Nessus. The number of users we have when we started using it is still the same.

Technical support for this solution was good. They were responsive.

The initial setup for this solution was easy.

We implemented Tenable Nessus through a vendor team, and the process took one month to complete. They were good.

This solution is affordable. We pay a standard fee. We pay for the license yearly.

I work with different products, e.g. firewalls, PAM technology, antivirus, WAF, and proxy. I'm handling information security in the government, not as a consultant. I deal with government procedures.

We deployed this solution on hardware, on VM.

We have 10 users of Tenable Nessus, and they are a mix of engineers and managers.

I'm scoring Tenable Nessus a ten out of ten.

We mainly use it for scanning for vulnerability on our hosts, like network devices and servers; to find the vulnerabilities and do remediation. We monitor Windows and Linux workstations.

It helps us limit our vulnerabilities and to reduce exploitations.

Tenable also helps us focus resources on the vulnerabilities that are most likely to be exploited.

Among the most valuable features are scanning for vulnerabilities and the reporting. The reporting templates are okay. I like that I can see all the hosts with different vulnerabilities. I can export reports to Excel to adjust them and it's a convenient way to send them to my manager. We actually use the report feature to identify all the vulnerabilities on all the hosts.

• The prioritization is done quickly and is good.
• Their VPR is good.
• I'm also able to find its features easily.

We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux.

Also, Agent scanning is more efficient than credential scanning but Agent scanning is more expensive than credential scanning. I prefer, mainly, the Agent scan over the credential scan, it's better. But we will continue to use the credential scan. I would like to see Tenable make some improvements to the credential scanning; more vulnerabilities, because most of the problems have occurred on Windows Server. We have some scanning issues.

We have been using Tenable for just over a year.

It's always working, no crashes.

We can add more scanners to the scan zone. We can also create different organizations in terms of scanning, so I think the scalability is good.

We use Tenable on 300 servers. In our office we have two or three people using the solution who are network security engineers. Two or three people are enough to take care of deployment and maintenance of Tenable.

We have plans to increase our usage. We want to increase our licenses up to about 1,000.

Technical support is good. I get responses quickly and they provide quick resolution. I can look at their community to find questions or the problem. The support is good.

Before Tenable, our global team used Qualys, but I myself didn't use that. The switch to Tenable was decided on by our U.S. team. It was a global strategy to move to Tenable.

The initial setup was good, not complex. We had the guides from Tenable to guide us through the setup. It took us two days, but one day should be good enough for the initial deployment.

Originally, we wanted to scan all our servers from multiple clouds and also on-premises, to scan the local network.

Tenable mainly works on vulnerability scanning and prioritizing.

We use it predominantly for vulnerability scanning and compliance scanning as part of the vulnerability and compliance protocols in one of our programs.

The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies.

I also like the number of plugins. It has quite a lot of plugins that keep it up to date with the different vulnerabilities coming out.

Multiple user access would be an area for improvement from a user-access perspective. A role-based access control feature would be great because at present, there is a limitation with only one account. If that account gets compromised or gets locked, then we will encounter problems.

It would be good to have a way to store filters from searches so that you don't have to recreate them from scratch every time. To be able to have them saved as a list of filters would be really useful.

It would be really useful to have a way to assess the risk of a specific vulnerability based on a number of factors which could be tailored. It could be a tailored set of factors you introduce to see a potential risk score or a different view of the CVSS score.

A lot of organizations do this manually, and some of them have some other ways of identifying or assessing the risk of vulnerabilities. It would be really useful to have a framework which allows you to create a way to assess the risk of vulnerabilities on the platform and potentially prioritize them or provide information as a report to management or to other teams for resolution.

It would be really nice to have a way to visualize the different results from the scans. For example, if you scan a Windows 2016 Server and you have a number of vulnerabilities, it would be nice to somehow show the vulnerabilities in a graphical format and potentially combine some of the outcomes into a graphical representation showing trending. Trending is quite important, especially when I speak to my senior management stakeholders and try to show the security posture and status. It would help to provide a long and wide view of where the vulnerabilities are and what kind of aging is present.

I've used it for three and a half years.

Nessus Manager is very stable; I haven't had any problems. I'd give the stability of the product a five out of five.

The product itself is not scalable by design. It is a single-user product, so it doesn't allow you to have multiple users at the same time. You have only one account. The type of product that we're using is not really meant for huge enterprises, and it's a bit more limited in terms of usage.

At present, I use the personal version for the account I'm looking after, but we probably have less than five people using this platform.

The initial setup was easy.

We implemented it ourselves. The deployment was done by one engineer, and it did not take too long.

The project in which I have been using it, it has been great because we satisfy a very crucial requirement. We have brought around vulnerability management, so it's really good ROI for what we have.

Nessus Manager is not an expensive product. It has its limitations, but the pricing reflects that.

We have a yearly subscription.

I would recommend Nessus Manager and rate it at eight on a scale from one to ten.

We use Tenable Nessus when we are preparing our audit where we need to do an initial scan of our customers' platform to see if they have any critical issues.

The reports are pretty nice and easy to understand.

The price could be reduced.

I have been using Tenable Nessus for approximately 20 years, since the time that it was first released. 

This solution is stable. We do not have any issues with the stability of this solution.

It's a scalable product. We have approximately 300 companies.

I have yet to contact technical support. The users within my team are technical people, and if they have an issue, they can resolve it themselves using the knowledge base.

The initial setup is straightforward. It is very easy.

It takes less than 10 minutes to install.

I am the consultant.

We have a team of two to three to deploy and maintain this solution.

We have a subscription, the licensing fees are paid yearly, and I am using the latest version.

The pricing is fine, but it could be cheaper.

So far, I am quite pleased with this product and don't have any complaints. I would recommend this solution to others who are interested in using it.

I would rate this solution a nine out of ten.

We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud.

We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that.

It's not specific to what we are working with.

We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle. We like scanning the ports and security as well as application-level security.

Some of our customers are operating on the cloud as well as on-premises.

We would like to have the option of using the solution for the cloud as well as on-premises with the same license at the same time. That would be very helpful.

We have used this solution for three or four projects in the last two years.

We are always working with the latest version.

The stability varies on the version that you are using. 

We have not had any problems with stability with what we are using. It's been stable and we have never been faced with any stability issues.

We have used this for an enterprise cloud application, which is much smaller with hundreds of users. It's pretty scalable. We have not had any challenges so far. 

I don't know the limits of scalability because we haven't trialed it fully. But for the enterprise application that we use, we didn't find any issue with scalability.

We have contacted technical support, once or twice when we have had issues with respect to some plugin related clarification. 

There are times where the solution doesn't work out of the box, and we have to install some plugins. We needed some assistance with this.

They are good, but the response resolution takes a bit of time. It would say that it's still within an acceptable response time. Within a few hours, they will get back to you with a solution.

The initial setup is pretty easy.

When we use the scales we find it to be easy.

In our experience a complete deployment and start-up, it takes only a few hours.

In some cases, we deploy on-premises because the customer is still evaluating the readiness to go to the cloud. 

A few of our customers are already on the cloud, and others are migrating. We have deployed on both models.

With my experience, I would definitely recommend it. This is the only tool we have used recently.

I would rate this solution an eight out of ten.

As new upgrades to the software come out periodically, I am currently using the latest version. 

I feel comfortable with the solution's vulnerability scanning capabilities.

While the solution is great for scanning servers, its features are limited when it comes to scanning network devices for vulnerabilities. 

I have been using Tenable Nessus since 2015. 

I can say that I am satisfied with Tenable Nessus' support and customer relations, which is why I'm still with the solution.

Technical support is very user-friendly. Upon entering their forum I can easily find the answers I seek, which I feel to be understandable and helpful. I have not any issues with the software that would have given me reason to engage technical support. 

I did not use an alternate solution prior to Tenable Nessus and have been using it since the inception of my career in information security. 

The installation of the solution was extremely easy. 

There was no need for me to involve my system administrator in the installation process, as I was able to handle it on my own. It is easy to install the solution on any server. 

The price is reasonable. 

I am actually using the solution in three or four different organizations, including Engro and Martin Dow. 

There are two or three people using the solution in my organization on an ongoing basis in key dedicated positions. 

As Tenable Nessus lacks adequate network vulnerability scanning features, I rate it as a seven out of ten. 

I use Tenable Nessus to evaluate the security posture of multiples acquisitions before integrating them to our network.

Tenable Nessus has helped us visualize the security posture of acquisitions. It provides actionable recommendations to the implementation team towards security remedies.

I have found the remedy recommendation feature helpful, as it:

• Provides multiple recommendations towards the remedy of vulnerabilities.
• Allows me to prioritize efforts and utilize effective technical resources.

• They should improve the I/O reporting and the customized spreadsheet export feature.
• Multiple steps to create an actionable plan will be a great addition to Nessus.