Try our new research platform with insights from 80,000+ expert users
PeerSpot user
Implementation Engineer at GFx Soluciones
Real User
The comprehensive coverage offered has been the most remarkable

What is our primary use case?

Nessus was used to scan vulnerabilities and compliances in our clients' networks and with this, carry out the remediation process through constant cycles in time until threats to the network are considerably reduced. The environments are small business networks (less than 50 employees), and so far there have been no major impediments in the scans performed.

How has it helped my organization?

Nessus has greatly improved the security of our clients' networks. The comfortable management of their systems makes it easier for engineers to use the codes for each vulnerability or compliance. Deploying the server to launch the scans is very easy, and only the necessary prerequisites for scanning should be fulfilled. Nessus has been very valuable to the company.

What is most valuable?

The comprehensive coverage offered by Nessus has been the most remarkable; it really does everything that has been asked of the software.

It's great, the possibility of automating implementations and really your database is immense for all the compliances and vulnerabilities.

Tenable University is great and allows to train all the personnel in charge of making the scans in an optimal and effective way.

What needs improvement?

  • I think that the next versions could improve the graphical interface to make more intuitive the management of the reports. 
  • Additionally, it could include better features in the vulnerability scan at the language level.
Buyer's Guide
Tenable Nessus
November 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Nessus is very stable and really works in diverse environments without any difficulty. The most important thing is to establish the necessary requirements.

What do I think about the scalability of the solution?

Scalability of this type of software does not seem so relevant.

How are customer service and support?

The Tenable support is very good and has really solved in a timely manner the problems that have occurred in the various projects.

Which solution did I use previously and why did I switch?

In the company, Qualys was used, and it was not possible to manage the projects with this tool.

How was the initial setup?

Quite simple and comfortable.

What about the implementation team?

Internal team.

What was our ROI?

Phenomenal.

What's my experience with pricing, setup cost, and licensing?

The costs are not high, considering all the support and service offered by Tenable.

What other advice do I have?

Scans using agents are very useful, and taking advantage of them is the best way to take advantage of the tool.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Cyber Security Expert at a security firm with 11-50 employees
Real User
Easy to install, reliable, helpful support, and has a good assessment tool
Pros and Cons
  • "Tenable Nessus is one of the best vulnerability assessment tools, that I know."
  • "They need more flexible pricing."

What is our primary use case?

We use this solution for information gathering and as an assessment tool.

What is most valuable?

Tenable Nessus is one of the best vulnerability assessment tools, that I know.

What needs improvement?

The price could be improved. They need more flexible pricing.

If they had a very creative idea, maybe they could add a special feature. Even extending functions, or exploring new areas. If they were able to integrate it with the existing solution, that would be fine.

I would like to see more integrations, more ideas or services, and functions offered.

It's about wider functionality and not a question of integration. It's more a question of, creativity. If they have other ideas such as what could be added to the vulnerability management. 

For how long have I used the solution?

I have been using Tenable Nessus for five years.

What do I think about the stability of the solution?

Tenable Nessus is a stable product.

What do I think about the scalability of the solution?

It's a scalable solution.

Nessus we either use Nessus for projects for ourselves in many situations, and they also deliver Nessus as a solution for at least five clients. We also have approximately 10 users in our organization.

How are customer service and technical support?

My experience with technical support is very positive.

How was the initial setup?

The installation was easy.

It took approximately six hours to install and deploy.

We need two for the deployment and maintenance, we have two or three people.

What's my experience with pricing, setup cost, and licensing?

In general, it is extremely expensive. If they have a higher price, that's fine, but if there were one or two solutions where you can buy something for a cheaper price then that would make sense for many users.

I understand why it's expensive, but it would be good to have a limited solution with cheaper prices.

There are different solutions for purchasing Nessus, which is not possible with Datadog.

What other advice do I have?

I would recommend this solution to others.

I would rate Tenable Nessus a nine out of ten because it has many dimensions.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Tenable Nessus
November 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
824,067 professionals have used our research since 2012.
CEO at Screenit Labs Pvt Ltd
Real User
Easy to setup, and allows you to migrate applications safely to the cloud
Pros and Cons
  • "We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle."
  • "We would like to have the option of using the solution for the cloud as well as on-premises with the same license at the same time. That would be very helpful."

What is our primary use case?

We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud.

We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that.

It's not specific to what we are working with.

What is most valuable?

We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle. We like scanning the ports and security as well as application-level security.

What needs improvement?

Some of our customers are operating on the cloud as well as on-premises.

We would like to have the option of using the solution for the cloud as well as on-premises with the same license at the same time. That would be very helpful.

For how long have I used the solution?

We have used this solution for three or four projects in the last two years.

We are always working with the latest version.

What do I think about the stability of the solution?

The stability varies on the version that you are using. 

We have not had any problems with stability with what we are using. It's been stable and we have never been faced with any stability issues.

What do I think about the scalability of the solution?

We have used this for an enterprise cloud application, which is much smaller with hundreds of users. It's pretty scalable. We have not had any challenges so far. 

I don't know the limits of scalability because we haven't trialed it fully. But for the enterprise application that we use, we didn't find any issue with scalability.

How are customer service and technical support?

We have contacted technical support, once or twice when we have had issues with respect to some plugin related clarification. 

There are times where the solution doesn't work out of the box, and we have to install some plugins. We needed some assistance with this.

They are good, but the response resolution takes a bit of time. It would say that it's still within an acceptable response time. Within a few hours, they will get back to you with a solution.

How was the initial setup?

The initial setup is pretty easy.

When we use the scales we find it to be easy.

In our experience a complete deployment and start-up, it takes only a few hours.

What other advice do I have?

In some cases, we deploy on-premises because the customer is still evaluating the readiness to go to the cloud. 

A few of our customers are already on the cloud, and others are migrating. We have deployed on both models.

With my experience, I would definitely recommend it. This is the only tool we have used recently.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
MuhammadMurtaza - PeerSpot reviewer
Information security engineer at Cyberisk
Real User
Top 5
Has individual options available for web servers
Pros and Cons
  • "The features I personally like include host discovery."
  • "The support has been really cooperative."
  • "Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it."

What is our primary use case?

We have clients, and we are a vendor. We have deployed Tenable Nessus users with the help of the Principal on the client's environment. I have experience with the deployment and the scanning.

What is most valuable?

The features I personally like include host discovery. For web servers, there are individual options available. There are many options that are useful to us.

What needs improvement?

Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it.

What do I think about the stability of the solution?

I haven't faced any issues as of now. It has been stable with no critical issues, technical issues, or downtimes.

How are customer service and support?

The support has been really cooperative. Whenever any issue arises, we contact the support, and they are always there for us. The support is pretty good.

How would you rate customer service and support?

Positive

What about the implementation team?

The deployment was done by the Tenable team, and I was part of this process.

What other advice do I have?

I definitely recommend Tenable Nessus for network scanning and other tasks.

I'd rate the solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Flag as inappropriate
PeerSpot user
Ali Al-Mahrooqi - PeerSpot reviewer
Manager at a financial services firm with 201-500 employees
Real User
Affordable, stable, and easy to set up vulnerability scanner with a responsive technical support
Pros and Cons
  • "Easy to set up vulnerability scanner with good stability and a responsive technical support team."
  • "The inventory management function in this solution needs improvement."

What is our primary use case?

We're using Tenable Nessus to manage vulnerabilities.

What is most valuable?

What I like most about Tenable Nessus is its vulnerability scanning feature.

What needs improvement?

A room for improvement which I see in Tenable Nessus is the inventory management function.

For how long have I used the solution?

I've been working with Tenable Nessus for two years now.

What do I think about the stability of the solution?

I'm satisfied with the stability of Tenable Nessus.

What do I think about the scalability of the solution?

We have not tried to scale up Tenable Nessus. The number of users we have when we started using it is still the same.

How are customer service and support?

Technical support for this solution was good. They were responsive.

How was the initial setup?

The initial setup for this solution was easy.

What about the implementation team?

We implemented Tenable Nessus through a vendor team, and the process took one month to complete. They were good.

What's my experience with pricing, setup cost, and licensing?

This solution is affordable. We pay a standard fee. We pay for the license yearly.

What other advice do I have?

I work with different products, e.g. firewalls, PAM technology, antivirus, WAF, and proxy. I'm handling information security in the government, not as a consultant. I deal with government procedures.

We deployed this solution on hardware, on VM.

We have 10 users of Tenable Nessus, and they are a mix of engineers and managers.

I'm scoring Tenable Nessus a ten out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Deputy Manager at a consultancy with 501-1,000 employees
Real User
Geared for use in small environments
Pros and Cons
  • "Tenable Nessus is an absolutely stable and fantastic product."
  • "Tenable Nessus is not feasible for a large company."

What needs improvement?

While Nessus produces good software, I would like it to allow me to better utilize my homepage. The report structures should be more gradual and effective. Also, other components, such as certain vulnerabilities and Malware detection, should better reflect on the console or dashboard. Nessus does not make this available as there is no centralized dashboard. So too, I require a cloud-based Tenable product, not the one available, which is on-premises.

We have already entered an agreement with Nessus for Tenable.io., following contact I established with South Boston.

Once a person takes part in the demo offered by Tenable.io, we are talking about, more or less, VAS software. The VAS feature is absolutely nice. We have already addressed the coming roadmap with Nessus and it will not include these features. Consequently, perhaps Tenable.io will be the next step. Users such as ourselves will definitely be looking at a different application.

For how long have I used the solution?

I have been using the solution for the past four years. 

What do I think about the stability of the solution?

Tenable Nessus is an absolutely stable and fantastic product. As a customer I would give it a 90 percent out of 100 rating.  This is because we have been really satisfied with its use over the past four years. The company and market standards are growing and the margin standard is going up.

Tenable Nessus is competitively slower than Tenable.io.

What other advice do I have?

We are currently trying to procure Tenable.io from Nessus.

I would definitely recommend Tenable Nessus to those who are operating in small environments, with like-sized infrastructure.

When it comes to a big company we should look towards OpenView. Tenable Nessus is not feasible for a large company. For a team comprising 1,000 people, it would be too unstable. Instead, Tenable.io. would be the appropriate choice since it contains a completely different infra.

I rate Tenable Nessus as an eight out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1397976 - PeerSpot reviewer
Owner at a tech services company with 1-10 employees
Real User
Easy to use, good support, and gives full reports of what's vulnerable per device
Pros and Cons
  • "I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for."
  • "The price could be more reasonable. I used the free Nessus version in my lab with which you can only scan 16 IP addresses. If I wanted to put it in the lab in my network at work, and I'm doing a test project that has over 30 nodes in it, I can't use the free version of Nessus to scan it because there are only 16 IP addresses. I can't get an accurate scan. The biggest thing with all the cybersecurity tools out there nowadays, especially in 2020, is that there's a rush to get a lot of skilled cybersecurity analysts out there. Some of these companies need to realize that a lot of us are working from home and doing proof of concepts, and some of them don't even offer trials, or you get a trial and it is only 16 IP addresses. I can't really do anything with it past 16. I'm either guessing or I'm doing double work to do my scans. Let's say there was a license for 50 users or 50 IP addresses. I would spend about 200 bucks for that license to accomplish my job. This is the biggest complaint I have as of right now with all cybersecurity tools, including Rapid7, out there, especially if I'm in a company that is trying to build its cybersecurity program. How am I going to tell my boss, who has no real budget of what he needs to build his cybersecurity program, to go spend over $100,000 for a tool he has never seen, whereas, it would pack the punch if I could say, "Let me spend 200 bucks for a 50 user IP address license of this product, do a proof of concept to scan 50 nodes, and provide the reason for why we need it." I've been a director, and now I'm an ISO. When I was a director, I had a budget for an IT department, so I know how budgets work. As an ISO, the only thing that's missing from my C-level is I don't have to deal with employees and budgets, but I have everything else. It's hard for me to build the program and say, "Hey, I need these tools." If I can't get a trial, I would scratch that off the list and find something else. I'm trying to set up Tenable.io to do external PCI scans. The documentation says to put in your IP addresses or your external IP addresses. However, if the IP address is not routable, then it says that you have to use an internal agent to scan. This means that you set up a Nessus agent internally and scan, which makes sense. However, it doesn't work because when you use the plugin and tell it that it is a PCI external, it says, "You cannot use an internal agent to scan external." The documentation needs to be a little bit more clear about that. It needs to say if you're using the PCI external plugin, all IP addresses must be external and routable. It should tell the person who's setting it up, "Wait a minute. If you have an MPLS network and you're in a multi-tenant environment and the people who hold the network schema only provide you with the IP addresses just for your tenant, then you are not going to know what the actual true IP address that Tenable needs to do a PCI scan." I've been working on Tenable.io to set up PCI scans for the last ten days. I have been going back and forth to the network thinking I need this or that only to find out that I'm teaching their team, "Hey, you know what, guys? I need you to look past your MPLS network. I need you to go to the edge's edge. Here's who you need to ask to give me the whitelist to allow here." I had the blurb that says the plugin for external PCI must be reachable, and you cannot use an internal agent. I could have cut a few days because I thought I had it, but then when I ran it, it said that you can't run it this way. I wasted a few hours in a day. In terms of new features, it doesn't require new features. It is a tool that has been out there for years. It is used in the cybersecurity community. It has got the CV database in it, and there are other plugins that you could pass through. It has got APIs you can attach to it. They can just improve the database and continue adding to the database and the plugins to make sure those don't have false positives. If you're a restaurant and you focus on fried chicken, you have no business doing hamburgers."

What is our primary use case?

We use it for vulnerability management. We have the latest version because we're using it in the cloud right now. I have a public cloud and a private cloud version.

How has it helped my organization?

When we do our scans, I'm able to give full reports of what's vulnerable per device. I could group them and say, "Hey, here's a vulnerability in the infrastructure. Here's all the host that needs to be addressed," by showing the report. When I give a report or a request for change, I would include the report so that they are undisputed. Instead of the sys admins giving the excuse of, "Hey, we don't have enough time," or, "We've already done it," or some other poor excuse, now I have a report behind it that says, "Hey, you're vulnerable with this. Here's the CVE, and here's the POC of the CVE," and then if I want to be a little bit more obnoxious, I provide them the POC that I ran with the proof that the POC is there, and then I'm able to say, "Hey, you need to patch this now."

My executives now are able to say, "Hey, you know what? The ISO gave you a directive to patch this with proof. Why haven't you done it?" Because now, as we know, all C-levels are ultimately responsible. If you have an ISO that is interfacing with sys admins saying, "Hey, here's a change that you need to patch it. Here's my proof that even has POC with proof and the report," then there is no benign, "Why haven't you done it?"

What is most valuable?

I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for.

What needs improvement?

The price could be more reasonable. I used the free Nessus version in my lab with which you can only scan 16 IP addresses. If I wanted to put it in the lab in my network at work, and I'm doing a test project that has over 30 nodes in it, I can't use the free version of Nessus to scan it because there are only 16 IP addresses. I can't get an accurate scan. The biggest thing with all the cybersecurity tools out there nowadays, especially in 2020, is that there's a rush to get a lot of skilled cybersecurity analysts out there. Some of these companies need to realize that a lot of us are working from home and doing proof of concepts, and some of them don't even offer trials, or you get a trial and it is only 16 IP addresses. I can't really do anything with it past 16. I'm either guessing or I'm doing double work to do my scans. Let's say there was a license for 50 users or 50 IP addresses. I would spend about 200 bucks for that license to accomplish my job. This is the biggest complaint I have as of right now with all cybersecurity tools, including Rapid7, out there, especially if I'm in a company that is trying to build its cybersecurity program. How am I going to tell my boss, who has no real budget of what he needs to build his cybersecurity program, to go spend over $100,000 for a tool he has never seen, whereas, it would pack the punch if I could say, "Let me spend 200 bucks for a 50 user IP address license of this product, do a proof of concept to scan 50 nodes, and provide the reason for why we need it." I've been a director, and now I'm an ISO. When I was a director, I had a budget for an IT department, so I know how budgets work. As an ISO, the only thing that's missing from my C-level is I don't have to deal with employees and budgets, but I have everything else. It's hard for me to build the program and say, "Hey, I need these tools." If I can't get a trial, I would scratch that off the list and find something else.

I'm trying to set up Tenable.io to do external PCI scans. The documentation says to put in your IP addresses or your external IP addresses. However, if the IP address is not routable, then it says that you have to use an internal agent to scan. This means that you set up a Nessus agent internally and scan, which makes sense. However, it doesn't work because when you use the plugin and tell it that it is a PCI external, it says, "You cannot use an internal agent to scan external." The documentation needs to be a little bit more clear about that. It needs to say if you're using the PCI external plugin, all IP addresses must be external and routable. It should tell the person who's setting it up, "Wait a minute. If you have an MPLS network and you're in a multi-tenant environment and the people who hold the network schema only provide you with the IP addresses just for your tenant, then you are not going to know what the actual true IP address that Tenable needs to do a PCI scan."

I've been working on Tenable.io to set up PCI scans for the last ten days. I have been going back and forth to the network thinking I need this or that only to find out that I'm teaching their team, "Hey, you know what, guys? I need you to look past your MPLS network. I need you to go to the edge's edge. Here's who you need to ask to give me the whitelist to allow here." I had the blurb that says the plugin for external PCI must be reachable, and you cannot use an internal agent. I could have cut a few days because I thought I had it, but then when I ran it, it said that you can't run it this way. I wasted a few hours in a day.

In terms of new features, it doesn't require new features. It is a tool that has been out there for years. It is used in the cybersecurity community. It has got the CV database in it, and there are other plugins that you could pass through. It has got APIs you can attach to it. They can just improve the database and continue adding to the database and the plugins to make sure those don't have false positives. If you're a restaurant and you focus on fried chicken, you have no business doing hamburgers.

For how long have I used the solution?

I've been using Nessus for about eight years.

What do I think about the stability of the solution?

Internally, it is stable. Externally also, from what I've seen, it is stable. The only problem that I've had with it was if you have a network and internet blip, you get disconnected, but that happens with anything. Right now, I would say that a lot of cloud companies are having problems because COVID has got a lot of people working from home remotely in VPN. This is the biggest problem we have. You went from 35 people using VPN to over 2,000 people using VPN. You're trying to go to a cloud that wasn't set up for VPN, or you don't have the necessary routes or bandwidth to it. The average person is going to say, "This cloud application sucks." It doesn't really suck. It means that you don't have enough bandwidth in your infrastructure.

What do I think about the scalability of the solution?

We haven't had to scale it yet. We haven't scaled internal Nessus because we have our own version of it. I'm not sure how many IP addresses we're feeding, but I know we only have one server. I looked at the processes, and it's only doing 50% of the process.

We have 13 people who are capable or licensed to use it, which would be all of our risk management information, information security, and risk management office, but I would say only half or about six of us are actually using it daily.

How are customer service and technical support?

I've used the tech support a couple of times. I would say they are very good because they were able to say, "Hey, let's stop the chatting. Let's get on a Webex, and we will Webex you and ask the questions directly." They were able to get to the engineers on the Webex at the same time, and within 30 minutes, they solved our problem. I would rate them a ten out of ten.

How was the initial setup?

If I was installing Nessus just by itself, it is straightforward simply because I've done it before. If you're setting up Nessus from the cloud version, there's a little bit more to it because, for one, it's in the cloud version, and you got to open up ports for your network. You got network people who get all scary because they don't understand what you're doing. Other than that, once you get it set up, then it is pretty much straightforward.

What's my experience with pricing, setup cost, and licensing?

Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly.

The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job.

What other advice do I have?

The advice would be definitely doing your proof of concept because that's what you're going to need for your buy-in for your upper management because it is going to cost some money. I would do a hybrid version, where your own Nessus is internal, and then you have your cloud. If you lose connection to the internet, you could still run an internal Nessus scan to save the scan and then input the scan into Tenable.sc. Do your proof of concepts, get your reports, and use your proof of concepts when you do your presentation to upper management to purchase. If you use your own nodes and your own network as your proof of concept, it gives them an eye view of, "Hey, we're vulnerable because of this, and here's the tool that did it." To me, that was a better selling point because it was real. It wasn't the demo data. Once you have purchased it and get it all set up, use it continuously, meaning include your scanned reports with your change control. This way, it shuts all the administrators who have been there over 20 years and say, "Hey, I don't want to patch right now because it takes the network down." Yes, it's going to take the network down. However, the longer you wait, the more vulnerable you are because if I'm doing change requests every week, and I'm calling on more and more risk and you start to find the same nodes in the same reports, then somebody up high is going to say to the network administrator guy to fix it.

I would rate Tenable Nessus a ten out of ten right now. If you had asked me last year, Rapid7 would have been the same and on top, but now that I've been using Tenable and I'm comparing the jobs that I'm doing right now, Tenable is cut and clear to what the report is saying. My favorite report is the VPR report. Instead of just looking at CVS numbers, it has a VPR report that ranks, whereas, in Rapid7, it's just focused on CVS. It is CVS version 2 or 3, which kind of gets confusing. For example, in Tenable, I can run a scheduled scan and have my report, but let's say, for instance, I did patching in the middle before my scheduled scan. I could kick off a new scan specifically for that vulnerability and get a report, whereas, in Rapid7, you could not easily do that. Therefore, you were stuck waiting for the scan to go again and to see if your mitigation efforts fixed it.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1785186 - PeerSpot reviewer
CBO at a security firm with 11-50 employees
Reseller
Scans the network and gives you a report about vulnerability assessment tools and the solution
Pros and Cons
  • "It gives you an unlimited IP scan."
  • "I would like to have a management option after the network scanning."

What is our primary use case?

Our customers are using this solution. They scan their network, and they get a report about vulnerability assessment tools and solutions.

It's deployed on-prem.

What is most valuable?

It gives you an unlimited IP scan. It's a cheap solution compared to Rapid7 or Qualys. It's very user-friendly. Customers can easily scan their network.

What needs improvement?

I would like to have a management option after the network scanning.

Which solution did I use previously and why did I switch?

The difference between Nessus and Rapid7 is price. Nessus is a very cheap solution compared to Rapid7 and has unlimited IP scanning facilities, but Rapid7 doesn't have this option. It has IP limitations. Rapid7 has some models based on how many IPs the customer wants to scan, and the costs depends on that amount.

What's my experience with pricing, setup cost, and licensing?

The cost is around $4,300 per year. Use is unlimited. You don't pay more if you want to use it for another IP.

What other advice do I have?

I would rate this solution 8 out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
Vulnerability Management
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros sharing their opinions.