I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features.
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees
Very user friendly with good dashboards
Pros and Cons
- "User friendly and good dashboards."
- "Consumes more system resources when it's running."
What is our primary use case?
What is most valuable?
It's a user friendly solution and I like the dashboards.
What needs improvement?
Unfortunately, the solution consumes more system resources when it's being run and I'd like that to be reduced.
For how long have I used the solution?
I've been using this solution for three months.
Buyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
The initial setup was very easy, it didn't take more than 10 minutes. It does depend on internet speed so sometimes deployment might take longer.
What other advice do I have?
I rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Cybersecurity Consultant at CIA Botswana
Helps to discover and patch vulnerabilities proactively
Pros and Cons
- "Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches."
- "Nessus' reporting could be more user-friendly."
What is our primary use case?
I primarily use Nessus for vulnerability management, including scanning, identifying, and assessing risks.
What is most valuable?
Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches.
What needs improvement?
Nessus' reporting could be more user-friendly.
For how long have I used the solution?
I've been using Nessus for more than three years.
What do I think about the stability of the solution?
I would rate Nessus' stable five out of five.
What do I think about the scalability of the solution?
Nessus is scalable.
How are customer service and support?
Tenable's technical support has a very good turnaround time.
How was the initial setup?
The initial setup is straightforward, and deployment takes up to five days.
What was our ROI?
The ROI from Nessus is good - it allows us to proactively discover vulnerabilities and deploy patches before the worst-case scenario happens. I would rate the ROI five out of five.
What's my experience with pricing, setup cost, and licensing?
Nessus is affordable, but its licensing model could be improved with more flexibility for adding assets.
What other advice do I have?
I would advise anybody thinking of implementing Nessus that they should be competent with risk management language and do some training on the solution, otherwise, they won't understand anything. I would rate Nessus ten out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Feb 23, 2024
Flag as inappropriateBuyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
816,406 professionals have used our research since 2012.
CSSP Manager at a tech services company with 51-200 employees
Largely problem-free with good scanning capabilities and a good interface
Pros and Cons
- "The automatic scanner and scheduler are pretty cool."
- "The reporting is a bit cumbersome."
What is our primary use case?
I primarily use the solution for vulnerability scanning within our organization.
What is most valuable?
The automatic scanner and scheduler are pretty cool.
The interface is excellent. It makes it very user friendly and easy to navigate for the most part.
It's a pretty solid product. I pretty much like almost all of it.
The product is pretty problem-free. We don't have any real issues with it.
What needs improvement?
The reporting is a bit cumbersome.
A lot of times you have got to, if you want to test things, go in and then back all the way out, and then try something else, and that just becomes cumbersome.
The testing functionality could be better.
The way they had set up the scan sometimes is difficult as well. It's partly due to how it's set up where I am. It's not necessarily a Tenable thing, however, the user, how they assign users and roles, is strange. Sometimes if a coworker sets up a scan, I can't start it or stop it. That's just something that may be an issue on our set-up and not a Tenable issue.
For how long have I used the solution?
I've been using the solution for a while. I've probably been using the solution since 2015. It's been over five years at this point.
What other advice do I have?
We're just customers. We're end-users. We don't have a business relationship with the company.
We're using the solution as what I would consider a hybrid, where the security center is managed by another group. However, we have a scanner in our network that connects back to the security center and the DOD of Azure.
We're largely happy with the product. Overall, I'd rate the solution eight out of ten. If it weren't for the reporting or the scanning difficulties, I would rate it higher.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Threat Intelligence Engineer at a tech services company with 11-50 employees
It's easy to set up and integrate
Pros and Cons
- "Nessus is effortless to integrate."
- "The reporting could be improved. The reporting in Rapid7 is much better."
What is our primary use case?
We use Nessus for vulnerability assessment. Three or four engineers at my company are using it currently.
What is most valuable?
Nessus is effortless to integrate.
What needs improvement?
The reporting could be improved. The reporting in Rapid7 is much better.
What do I think about the stability of the solution?
Nessus performs well.
What do I think about the scalability of the solution?
Nessus is scalable.
How are customer service and support?
I'm happy with Tenable's technical support.
How was the initial setup?
Nessus is easy to set up, and it only takes about two hours to deploy.
What other advice do I have?
I rate Tenable Nessus nine out of 10. Nessus isn't suitable for everyone. It depends on the case. If you need reporting for the COs and stuff, Rapid7 is better. However, if you are implementing it as part of an ongoing VA or retention operation, you should probably use Tenable.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Founder & CEO at a tech services company with 1-10 employees
Highly stable, easy to use, and useful self updating
Pros and Cons
- "The most valuable feature of Tenable Nessus is the self-updating engine."
- "Tenable Nessus could improve the reporting."
What is our primary use case?
Tenable Nessus can be deployed on the cloud and on-premise.
I use Tenable Nessus for an internal secured scale.
What is most valuable?
The most valuable feature of Tenable Nessus is the self-updating engine.
What needs improvement?
Tenable Nessus could improve the reporting.
For how long have I used the solution?
I have been using Tenable Nessus for approximately three years.
What do I think about the stability of the solution?
Tenable Nessus is highly stable.
What do I think about the scalability of the solution?
The scalability of Tenable Nessus is good.
I am the only one in cybersecurity using this solution in my organization.
How are customer service and support?
Tenable Nessus is very easy to support and manage and this is why I have not needed to contact support.
How was the initial setup?
The initial setup of Tenable Nessus is easy.
What's my experience with pricing, setup cost, and licensing?
The is a free version of Tenable Nessus available.
In Brazil, it is about $3,500 per year.
What other advice do I have?
My advice to others is for them to start using the free version to get used to the solution.
I rate Tenable Nessus an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Infrastructure Project Manager at a energy/utilities company with 501-1,000 employees
Has good vulnerability reporting and is stable and scalable
Pros and Cons
- "The solution is very stable."
- "I would like to see an improvement in the ranking of high, medium and low vulnerability."
What is our primary use case?
Our primary use case of this solution is scanning of our external websites.
What is most valuable?
The feature I find most valuable is the vulnerability reporting.
What needs improvement?
I would like to see an improvement in the ranking of high, medium and low vulnerability.
For how long have I used the solution?
I have been using Tenable Nessus for six months now.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
Tenable Nessus is a very scalable solution. We have over 50 devices running on it currently, and over 50 locations. And we plan to increase our usage in the future. We use our existing team for maintenance, so we didn't have to increase our headcounts. One person is enough to do the maintenance.
How are customer service and technical support?
The technical support is good.
How was the initial setup?
I will say the initial setup was not straightforward, and not complex either. It's medium. Technically it's not too complicated, but if you work with a good partner, they can help. The deployment took us about three to six months.
What other advice do I have?
My advice to others would be to include post-implementation support for six months from the vendor to help with the fine-tuning. I rate this solution an eight out of ten. In the future, I would like to see better reporting for high impact vulnerabilities.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Chief Hacking Officer at a security firm with 1-10 employees
Easy to set up and use, reasonably-priced, and works well out of the box
Pros and Cons
- "Out of the box, the product works well for us, so it's not a tool that we need to customize very much."
- "The reports are okay, but the interface is a bit difficult to navigate in some cases."
What is our primary use case?
Our use cases are pretty straightforward. We primarily use it for conducting vulnerability scans.
What is most valuable?
Out of the box, the product works well for us, so it's not a tool that we need to customize very much.
What needs improvement?
The reporting interface is in need of improvement. The reports are okay, but the interface is a bit difficult to navigate in some cases.
Nessus is not very good at identifying web application vulnerabilities, which means that we need to buy another product like Acunetix or EMC Networker to handle that part. This is an area that could be enhanced because we would prefer to have these capabilities in one application.
For how long have I used the solution?
I have been using Tenable Nessus for more than 10 years.
What do I think about the stability of the solution?
Tenable is a reliable solution.
What do I think about the scalability of the solution?
We have not had any use cases that required scaling.
Our installation is a single tenant.
How are customer service and technical support?
We haven't had the need to contact technical support.
Which solution did I use previously and why did I switch?
Many years ago, we tried Nexpose by Rapid7.
How was the initial setup?
The initial setup was easy and very straightforward.
It took about half an hour to deploy, including all of the updates. It is the updates that take time to complete.
What's my experience with pricing, setup cost, and licensing?
We pay approximately $2,500 on a yearly basis. We do not pay any fees in addition to the standard licensing costs.
What other advice do I have?
Ultimately, we plan to use this product less because it is something that we advise our customers to buy for themselves. They should not be using our solution.
My advice for anybody who is considering Tenable Nessus is that it is easy to install, easy and straightforward to use, and not expensive. These are the reasons that we advice our customers to use it.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Founder & CEO at a tech services company with 1-10 employees
Very user friendly and affordable
Pros and Cons
- "The trial version is very good for testing whether it will suit your needs."
- "The report for counters is too simple and would be improved by a dashboard."
What is our primary use case?
I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job.
What is most valuable?
I have chosen Nessus because it's very simple to use and install. Depending on the number of assets you scan, Nessus is also an affordable solution. Products such as Tenable IO and RapidLab, can become expensive depending on the number of IPs. So Nessus Pro is perfect for my needs right now.
What needs improvement?
I'd like to see a dashboard for this product because the report for counters is too simple. There needs to be something better for the client.
For how long have I used the solution?
I've been using this solution for five years.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
The solution is definitely scalable.
How are customer service and support?
I've never needed to contact Tenable support, I've been able to resolve any issues myself.
How was the initial setup?
The initial setup is very easy. Deployment takes less than two hours, it's simple.
What other advice do I have?
It's important to test the solution so you know that it works for your situation. They have a trial version so it's easy to test before you purchase it.
I rate this solution eight out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Vulnerability ManagementPopular Comparisons
Microsoft Defender for Cloud
Qualys VMDR
Tenable Security Center
Tanium
Tenable Vulnerability Management
Orca Security
Pentera
Acunetix
JFrog Xray
Claroty Platform
Skybox Security Suite
Lacework
Microsoft Defender Vulnerability Management
Rapid7 Metasploit
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Qualys VM vs Tenable Nessus: Comparison
- How would you choose between Rapid7 InsightVM and Tenable Nessus?
- What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
- How does Tenable Nessus compare with Qualys VM?
- What are the main differences between Qualys VMDR and Tenable Nessus?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?