Tenable Nessus Reviews

The valuable feature for me is being able to ping the computers to do the automated scan and to come back and be able to see everything. That's definitely a huge plus, but then there's also the ease of reviewing the scores, identifying vulnerabilities, and getting the information on the vulnerabilities; the ability to review all that within one tool has been phenomenal. When we're reviewing those Nessus scores, the solution works well.

I think there's still some things that need to be ironed out to ensure that we can have a one-stop shop to do both ACAS, SCAP automated assessments in. We've been trying to do that and they say you can, the capability is integrated into the system. But in most instances, especially when you're dealing with some systems that are standalone or a network that we built ourselves, we find that some devices aren't pinged and the scans aren't done properly. That also comes down to the hardening of the systems where the password or the privileges weren't taken, so therefore it didn't do the scan properly. 

I've been using this solution for the past six or seven years. 

The solution is stable. We haven't run into any issues other than some passwords that don't take, but that's the way we set up the system. If it's set up properly and configured appropriately, there won't be any issues.

We could definitely make the adjustment to scale it left, right, up and down, depending on what we're using it for and we haven't run into any issues on that. It's pretty flexible.

The setup itself is pretty straightforward. Because these are standalone systems, there are some additional steps that the IT team needs to do, but they pretty much have it down to where they could install the tools pretty easily and have it running reasonably quickly. 

I would recommend making sure that the solution meets your needs for automated scans and the SCAP. If you're looking for a one-stop shop, I think it's a great tool for that. I would recommend some form of training if you don't have experience with this kind of solution. There's a bit of a learning curve involved in terms of configuring and using Nessus. 

I rate this solution an eight out of 10. 

While Nessus produces good software, I would like it to allow me to better utilize my homepage. The report structures should be more gradual and effective. Also, other components, such as certain vulnerabilities and Malware detection, should better reflect on the console or dashboard. Nessus does not make this available as there is no centralized dashboard. So too, I require a cloud-based Tenable product, not the one available, which is on-premises.

We have already entered an agreement with Nessus for Tenable.io., following contact I established with South Boston.

Once a person takes part in the demo offered by Tenable.io, we are talking about, more or less, VAS software. The VAS feature is absolutely nice. We have already addressed the coming roadmap with Nessus and it will not include these features. Consequently, perhaps Tenable.io will be the next step. Users such as ourselves will definitely be looking at a different application.

I have been using the solution for the past four years. 

Tenable Nessus is an absolutely stable and fantastic product. As a customer I would give it a 90 percent out of 100 rating.  This is because we have been really satisfied with its use over the past four years. The company and market standards are growing and the margin standard is going up.

Tenable Nessus is competitively slower than Tenable.io.

We are currently trying to procure Tenable.io from Nessus.

I would definitely recommend Tenable Nessus to those who are operating in small environments, with like-sized infrastructure.

When it comes to a big company we should look towards OpenView. Tenable Nessus is not feasible for a large company. For a team comprising 1,000 people, it would be too unstable. Instead, Tenable.io. would be the appropriate choice since it contains a completely different infra.

I rate Tenable Nessus as an eight out of ten. 

We usually use the solution for infrastructure level and web application scanning, although mostly for the former. This is what we are doing at present. We were using the web application portion of Tenable Nessus for several months before switching to Veracode. 

A valuable feature of the solution is that it is easy to understand. When it comes to running a scan, the scanning mechanism is also easy, and it is quite fast compared to Veracode and Qualys.

The solution should have a more in-depth level of scanning, with features to meet the developers. Other points that should be addressed involve the understanding of issues by the users and the need for improvising the reporting structure. The reports should also be more attractive and user-friendly.

This is how Tenable Nessus occasionally works when drawing up something on the field.

Additional features I wish to see addressed in the next release include customer support and ease of  understanding of vulnerabilities and how they can be fixed.

In contrast to Tenable Nessus, we have found Veracode to be more user-friendly, with a greater in-depth understanding of the details and how things can be fixed. Other points in its favor include study cases, customer support, training and e-learning. 

The solution is sort of down the mid range, so we are more happy with Veracode.

We have made use of Tenable Nessus over the past 12 months, and started doing so a couple of months before we got Veracode.

The solution is reliable and has good stability. 

We have been in the web, so we have not tried to expand the solution.

We feel the solution's technical support to be very bad.

While we do receive a response upon creating a ticket, it is not like that of Qualys or Veracode. That extensive support is not there.

The initial setup was straightforward.

We deployed under the release plan of 8.11.

We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level.

There are at least ten people in our organization making use of the solution. 

Tenable Nessus is an appropriate solution for a small scale company, one with budgeting constraints and no complexities within the organization. It not that user-friendly.

I would rate Tenable Nessus as a seven out of ten. 

We use Tenable Nessus when we are preparing our audit where we need to do an initial scan of our customers' platform to see if they have any critical issues.

The reports are pretty nice and easy to understand.

The price could be reduced.

I have been using Tenable Nessus for approximately 20 years, since the time that it was first released. 

This solution is stable. We do not have any issues with the stability of this solution.

It's a scalable product. We have approximately 300 companies.

I have yet to contact technical support. The users within my team are technical people, and if they have an issue, they can resolve it themselves using the knowledge base.

The initial setup is straightforward. It is very easy.

It takes less than 10 minutes to install.

I am the consultant.

We have a team of two to three to deploy and maintain this solution.

We have a subscription, the licensing fees are paid yearly, and I am using the latest version.

The pricing is fine, but it could be cheaper.

So far, I am quite pleased with this product and don't have any complaints. I would recommend this solution to others who are interested in using it.

I would rate this solution a nine out of ten.

I have been using Tenable Nessus for my personal use. It works well.

I am using this solution for testing.

The most valuable features are that it's fast, it's easy to use, and it provides good reports.

The only thing that I don't like is KBs information. For example, if we scan our workstation and you go to the results report that Nessus provides, we are going to see a lot of KBs as remediation. But in most cases, the KBs are always superseded.

Also, we are not able to apply those because Microsoft has already released a new TB. 

Nessus is not doing a good job in updating its remediation section of the reports.

Remediation needs improvement. They are providing a lot of superseded KBs as remediation.

For example, when you share that with several team members or with one individual, and you ask them to work on this, they reply with Microsoft already has something new.

I have been using Tenable Nessus for approximately two years.

This solution is stable. I have not experienced any issues. It worked fine.

It's a scalable solution. I have not had any problems.

I am the only person using this solution.

Technical support is good. They provided information that is needed.

Previously, I was not using another solution. I use Nessus through a course that I was taking in the security field.

The initial setup was straightforward.

We did not use a vendor or vendor team to implement this solution.

I have evaluated one other solution, but because of my company policies. I can't share that information.

Tenable has Tenable.io, and I believe that they have the remediation updated, but Tenable Nessus Professional does not. I don't think that they will continue to keep it available in the market. They should probably decommission it.

Remediation is better in other tools than with Nessus.

For anyone who is interested in this solution, they should test the scan timing to see if it consumes a lot of time or not.

Research the remediation information to see if it is okay, or trust proof or not.

The reporting works well and it allows you to share. Also, support is important.

I would rate Tenable Nesuss an eight out of ten.

We use Tenable Nessus to provide service to our bank.

I use it to provide our main service related to our big management.

Other than providing information security to our clients, it is our information security provider, service provider — we manage it. Using Nessus, we are able to scan and locate any potential vulnerabilities that our clients may have and point them out to them.

I am not sure how many users we have using this solution, but we have more than 100,000 assets distributed between roughly 40 clients.

Tenable Nessus is cheap and flexible.

Currently, they don't have all of the features that I am looking for. I am looking for a technology that installs agents into the machines to perform complicated scanning. That's a good feature that I'm looking for.

Our issues are not all due to Tenable Nessus; we have more than one console that we administrate.

I have been using this solution for 10 to 15 years.

I use this solution on a regular basis at my current company. I used it at my previous company as well.

This solution is quite stable.

The professional version is not very scalable. It's not really scalable considering the number of assets and clients that I have.

Many of our clients would like to switch to a better solution.

The technical support is great. We have called them a few times and they have always helped us.

The initial setup was pretty straightforward. Within a week we had set up all of the infrastructure and were ready to deploy.

We primarily use the solution for vulnerability management. We also use it during our IP scans.

The VPR scores are the solution's most valuable aspects.

The plug-in text information is quite useful.

The solution can scale well.

We've found the solution to be quite stable.

It wasn't very clear how the scripts are running the scans. There's information about the script but it's not straightforward. The script information for each of the plugins should be available, but it doesn't give us straightforward direct information about how it was executed. That needs to be more clear.

We find that the solution causes several issues due to the fact that it runs even before it calculates, the asset in prevention. 

I can't think of any features that are lacking.

I've been using the solution for one to two years at this point.

It's stable. I don't have any major complaints. It doesn't have bugs. It isn't affected by glitches. It doesn't crash or freeze on us. It's reliable.

We have about 100 direct users who are logging onto the solution on a daily basis.

We don't plan on increasing usage at this time.

We have been able to scale it in the past, however, and a company that needs to expand it should not face too many issues doing so.

We've worked with technical support in the past, and we've found them to be quite efficient. They are knowledgable and responsive.

We previously used McAfee and switched over completely at the end of May.

We had some help with the initial setup. We were able to use our vendor's expertise and have them walk us through any issues we had.

However, we completely handle the maintenance now that is it up and running. We have admins who deal with any upkeep.

The vendor assisted us in the initial implementation.

I don't have any information when it comes to the cost of the solution. It's not part of my job to deal with billing or payments, so I don't have any visibility on the cost structure.

We are simply customers. We don't have a business relationship with Tenable.

We're using the latest version of the solution.

I would definitely recommend this solution. It's the best that I've used so far.

On a scale from one to ten, I'd rate it at an eight overall.

We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud.

We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that.

It's not specific to what we are working with.

We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle. We like scanning the ports and security as well as application-level security.

Some of our customers are operating on the cloud as well as on-premises.

We would like to have the option of using the solution for the cloud as well as on-premises with the same license at the same time. That would be very helpful.

We have used this solution for three or four projects in the last two years.

We are always working with the latest version.

The stability varies on the version that you are using. 

We have not had any problems with stability with what we are using. It's been stable and we have never been faced with any stability issues.

We have used this for an enterprise cloud application, which is much smaller with hundreds of users. It's pretty scalable. We have not had any challenges so far. 

I don't know the limits of scalability because we haven't trialed it fully. But for the enterprise application that we use, we didn't find any issue with scalability.

We have contacted technical support, once or twice when we have had issues with respect to some plugin related clarification. 

There are times where the solution doesn't work out of the box, and we have to install some plugins. We needed some assistance with this.

They are good, but the response resolution takes a bit of time. It would say that it's still within an acceptable response time. Within a few hours, they will get back to you with a solution.

The initial setup is pretty easy.

When we use the scales we find it to be easy.

In our experience a complete deployment and start-up, it takes only a few hours.

In some cases, we deploy on-premises because the customer is still evaluating the readiness to go to the cloud. 

A few of our customers are already on the cloud, and others are migrating. We have deployed on both models.

With my experience, I would definitely recommend it. This is the only tool we have used recently.

I would rate this solution an eight out of ten.