Our use cases are pretty straightforward. We primarily use it for conducting vulnerability scans.
Chief Hacking Officer at a security firm with 1-10 employees
Easy to set up and use, reasonably-priced, and works well out of the box
Pros and Cons
- "Out of the box, the product works well for us, so it's not a tool that we need to customize very much."
- "The reports are okay, but the interface is a bit difficult to navigate in some cases."
What is our primary use case?
What is most valuable?
Out of the box, the product works well for us, so it's not a tool that we need to customize very much.
What needs improvement?
The reporting interface is in need of improvement. The reports are okay, but the interface is a bit difficult to navigate in some cases.
Nessus is not very good at identifying web application vulnerabilities, which means that we need to buy another product like Acunetix or EMC Networker to handle that part. This is an area that could be enhanced because we would prefer to have these capabilities in one application.
For how long have I used the solution?
I have been using Tenable Nessus for more than 10 years.
Buyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
What do I think about the stability of the solution?
Tenable is a reliable solution.
What do I think about the scalability of the solution?
We have not had any use cases that required scaling.
Our installation is a single tenant.
How are customer service and support?
We haven't had the need to contact technical support.
Which solution did I use previously and why did I switch?
Many years ago, we tried Nexpose by Rapid7.
How was the initial setup?
The initial setup was easy and very straightforward.
It took about half an hour to deploy, including all of the updates. It is the updates that take time to complete.
What's my experience with pricing, setup cost, and licensing?
We pay approximately $2,500 on a yearly basis. We do not pay any fees in addition to the standard licensing costs.
What other advice do I have?
Ultimately, we plan to use this product less because it is something that we advise our customers to buy for themselves. They should not be using our solution.
My advice for anybody who is considering Tenable Nessus is that it is easy to install, easy and straightforward to use, and not expensive. These are the reasons that we advice our customers to use it.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Senior Consultant at a tech company with 1,001-5,000 employees
Reduces the amount of time spent on finding vulnerabilities.
Pros and Cons
- "Tenable Nessus streamlines the process of scanning for our organization."
- "This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not."
What is our primary use case?
My primary use case of this solution is for scanning internal networks.
How has it helped my organization?
We use Tenable Nessus for scanning. We find lots of vulnerabilities and then we reduce the time spent on finding inbox vulnerabilities. Of course, Tenable streamlines the process. It has been a positive experience overall.
Tenable can scan for missing patches for the endpoints. We can scan it and then, once we can support any endpoint without patching, we inform our users.
What is most valuable?
We wanted to do a lot of Hardening and we have to make sure that all endpoints are up to the certain Hardening standard and we propose the CIS benchmark to do this. That's why we use Tenable to do scanning frequency and to ensure the quality of the endpoints.
What needs improvement?
This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
It is stable. We have not had any major issues. It performs as scheduled and scans as needed.
What do I think about the scalability of the solution?
In terms of scalability, there is an issue with cloud servers. You need the internet bandwidth to do the testing. They consume a lot of bandwidth and they use the cloud scanners for the scanning.
How is customer service and technical support?
I usually use the dashboard for support. It shows the critical vulnerabilities from low to high. They are very responsive when necessary.
How was the initial setup?
The implementation was straightforward. First, we noticed whether everything was ready, then we got a license key, set up some basic scanning using a default template, and finally, we scheduled time.
What's my experience with pricing, setup cost, and licensing?
The price of Tenable Nessus is much more competitive versus other solutions on the market.
Which other solutions did I evaluate?
We were manually scanning before using Tenable Nessus. We looked at Rapid7 but we are satisfied with Tenable Nessus.
What other advice do I have?
I would suggest that people considering this solution should choose the cloud-based solution versus the on-premise version.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Tenable Nessus
October 2024
Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees
Very user friendly with good dashboards
Pros and Cons
- "User friendly and good dashboards."
- "Consumes more system resources when it's running."
What is our primary use case?
I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features.
What is most valuable?
It's a user friendly solution and I like the dashboards.
What needs improvement?
Unfortunately, the solution consumes more system resources when it's being run and I'd like that to be reduced.
For how long have I used the solution?
I've been using this solution for three months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
The initial setup was very easy, it didn't take more than 10 minutes. It does depend on internet speed so sometimes deployment might take longer.
What other advice do I have?
I rate this solution an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
CSSP Manager at a tech services company with 51-200 employees
Largely problem-free with good scanning capabilities and a good interface
Pros and Cons
- "The automatic scanner and scheduler are pretty cool."
- "The reporting is a bit cumbersome."
What is our primary use case?
I primarily use the solution for vulnerability scanning within our organization.
What is most valuable?
The automatic scanner and scheduler are pretty cool.
The interface is excellent. It makes it very user friendly and easy to navigate for the most part.
It's a pretty solid product. I pretty much like almost all of it.
The product is pretty problem-free. We don't have any real issues with it.
What needs improvement?
The reporting is a bit cumbersome.
A lot of times you have got to, if you want to test things, go in and then back all the way out, and then try something else, and that just becomes cumbersome.
The testing functionality could be better.
The way they had set up the scan sometimes is difficult as well. It's partly due to how it's set up where I am. It's not necessarily a Tenable thing, however, the user, how they assign users and roles, is strange. Sometimes if a coworker sets up a scan, I can't start it or stop it. That's just something that may be an issue on our set-up and not a Tenable issue.
For how long have I used the solution?
I've been using the solution for a while. I've probably been using the solution since 2015. It's been over five years at this point.
What other advice do I have?
We're just customers. We're end-users. We don't have a business relationship with the company.
We're using the solution as what I would consider a hybrid, where the security center is managed by another group. However, we have a scanner in our network that connects back to the security center and the DOD of Azure.
We're largely happy with the product. Overall, I'd rate the solution eight out of ten. If it weren't for the reporting or the scanning difficulties, I would rate it higher.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Threat Intelligence Engineer at a tech services company with 11-50 employees
It's easy to set up and integrate
Pros and Cons
- "Nessus is effortless to integrate."
- "The reporting could be improved. The reporting in Rapid7 is much better."
What is our primary use case?
We use Nessus for vulnerability assessment. Three or four engineers at my company are using it currently.
What is most valuable?
Nessus is effortless to integrate.
What needs improvement?
The reporting could be improved. The reporting in Rapid7 is much better.
What do I think about the stability of the solution?
Nessus performs well.
What do I think about the scalability of the solution?
Nessus is scalable.
How are customer service and support?
I'm happy with Tenable's technical support.
How was the initial setup?
Nessus is easy to set up, and it only takes about two hours to deploy.
What other advice do I have?
I rate Tenable Nessus nine out of 10. Nessus isn't suitable for everyone. It depends on the case. If you need reporting for the COs and stuff, Rapid7 is better. However, if you are implementing it as part of an ongoing VA or retention operation, you should probably use Tenable.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Founder & CEO at a tech services company with 1-10 employees
Highly stable, easy to use, and useful self updating
Pros and Cons
- "The most valuable feature of Tenable Nessus is the self-updating engine."
- "Tenable Nessus could improve the reporting."
What is our primary use case?
Tenable Nessus can be deployed on the cloud and on-premise.
I use Tenable Nessus for an internal secured scale.
What is most valuable?
The most valuable feature of Tenable Nessus is the self-updating engine.
What needs improvement?
Tenable Nessus could improve the reporting.
For how long have I used the solution?
I have been using Tenable Nessus for approximately three years.
What do I think about the stability of the solution?
Tenable Nessus is highly stable.
What do I think about the scalability of the solution?
The scalability of Tenable Nessus is good.
I am the only one in cybersecurity using this solution in my organization.
How are customer service and support?
Tenable Nessus is very easy to support and manage and this is why I have not needed to contact support.
How was the initial setup?
The initial setup of Tenable Nessus is easy.
What's my experience with pricing, setup cost, and licensing?
The is a free version of Tenable Nessus available.
In Brazil, it is about $3,500 per year.
What other advice do I have?
My advice to others is for them to start using the free version to get used to the solution.
I rate Tenable Nessus an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Infrastructure Project Manager at a energy/utilities company with 501-1,000 employees
Has good vulnerability reporting and is stable and scalable
Pros and Cons
- "The solution is very stable."
- "I would like to see an improvement in the ranking of high, medium and low vulnerability."
What is our primary use case?
Our primary use case of this solution is scanning of our external websites.
What is most valuable?
The feature I find most valuable is the vulnerability reporting.
What needs improvement?
I would like to see an improvement in the ranking of high, medium and low vulnerability.
For how long have I used the solution?
I have been using Tenable Nessus for six months now.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
Tenable Nessus is a very scalable solution. We have over 50 devices running on it currently, and over 50 locations. And we plan to increase our usage in the future. We use our existing team for maintenance, so we didn't have to increase our headcounts. One person is enough to do the maintenance.
How are customer service and technical support?
The technical support is good.
How was the initial setup?
I will say the initial setup was not straightforward, and not complex either. It's medium. Technically it's not too complicated, but if you work with a good partner, they can help. The deployment took us about three to six months.
What other advice do I have?
My advice to others would be to include post-implementation support for six months from the vendor to help with the fine-tuning. I rate this solution an eight out of ten. In the future, I would like to see better reporting for high impact vulnerabilities.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder & CEO at a tech services company with 1-10 employees
Very user friendly and affordable
Pros and Cons
- "The trial version is very good for testing whether it will suit your needs."
- "The report for counters is too simple and would be improved by a dashboard."
What is our primary use case?
I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job.
What is most valuable?
I have chosen Nessus because it's very simple to use and install. Depending on the number of assets you scan, Nessus is also an affordable solution. Products such as Tenable IO and RapidLab, can become expensive depending on the number of IPs. So Nessus Pro is perfect for my needs right now.
What needs improvement?
I'd like to see a dashboard for this product because the report for counters is too simple. There needs to be something better for the client.
For how long have I used the solution?
I've been using this solution for five years.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
The solution is definitely scalable.
How are customer service and support?
I've never needed to contact Tenable support, I've been able to resolve any issues myself.
How was the initial setup?
The initial setup is very easy. Deployment takes less than two hours, it's simple.
What other advice do I have?
It's important to test the solution so you know that it works for your situation. They have a trial version so it's easy to test before you purchase it.
I rate this solution eight out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Vulnerability ManagementPopular Comparisons
Microsoft Intune
Microsoft Defender for Cloud
Qualys VMDR
Tenable Security Center
Tanium
Rapid7 InsightVM
Tenable Vulnerability Management
Orca Security
Pentera
Acunetix
JFrog Xray
Claroty Platform
Skybox Security Suite
Buyer's Guide
Download our free Tenable Nessus Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Qualys VM vs Tenable Nessus: Comparison
- How would you choose between Rapid7 InsightVM and Tenable Nessus?
- What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
- How does Tenable Nessus compare with Qualys VM?
- What are the main differences between Qualys VMDR and Tenable Nessus?
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?