We use Tenable Nessus as a vulnerability management tool. It helps identify vulnerabilities in our system, how to address them, and what mitigation steps are required. We can assign high, medium, or low priority levels and schedule scans to run at specific times. The tool generates vulnerability assessment reports, valuable in our organization's environment for continuous security assessment.
Assistant Director for Computing and Network infrastructure at SRCE
Real User
Top 20
2024-03-11T09:40:53Z
Mar 11, 2024
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.
Security Infrastructure Engineer at NP Secure Co.,Ltd
Reseller
Top 5
2023-08-31T10:14:21Z
Aug 31, 2023
I use Tenable Nessus for vulnerability assessment so that you can scan for CVEs and existing CVEs. Tenable Nessus will show you the latest update on those vulnerabilities and where it needs patches, so it goes hand in hand with patch management. As soon as you scan, you can see whether it needs patching, and if needed, you can go ahead and deploy patch management to address the current issue.
We use Tenable to scan all the workstations in our government environment for vulnerabilities and outdated software. The Tenable agents installed on the PCs enable us to detect any potential security risks or applications that are not up-to-date, malicious, or suspicious. This helps us ensure that all the PCs are secure and are in good posture.
Security Compliance Officer at a tech services company with 51-200 employees
Real User
2022-11-15T14:56:34Z
Nov 15, 2022
Every month, I had this Windows Gold image scan. I would obtain some IP addresses, create some rules, and then run them. Then there were the automatic automated jobs that I and my colleagues would arrange to execute. They would run at night so they wouldn't interrupt the systems. Enter some IP addresses for workstations and servers. Some were in a highly secure zone, while others were in a separate subnet, we enter those IP addresses in and run them, scheduling them to run biweekly or weekly.
My company uses Tenable as a vulnerability assessment. We use it for scanning, for the discovery of vulnerabilities in the components or the software, or on the IT infrastructure of our client.
We use it predominantly for vulnerability scanning and compliance scanning as part of the vulnerability and compliance protocols in one of our programs.
We use this solution for network and device scanning. Massive scanners have been integrated with the security center. We scan devices and pull the report from the security center. We publish the report to respective stakeholders, and we maintain the reports for our records. The reports show vulnerabilities, plugin text, and plugin outputs. We analyze the report and try to close the vulnerabilities identified in the scan. The solution is deployed on-premises. There are about 10 people using this solution in my organization. They were part of the security team and were doing the scanning and remediation. I led the team and dealt with any challenges. My organization is a service provider. We provide security services to clients.
I use this solution for OS auditing, database auditing, virtualization, and following how closely it follows our CI or TISA benchmarks. We also use it for malware and ransomware risk and for carrying out assessments. We purchased this product from a local partner that has a premium partnership with Tenable. I'm a cybersecurity and compliance lead engineer.
Our customers are using this solution. They scan their network, and they get a report about vulnerability assessment tools and solutions. It's deployed on-prem.
Tenable Nessus can be deployed on-premise and in the cloud. Tenable Nessus is a vulnerability scanner to find vulnerabilities. The solution finds the vulnerabilities in our environment and then we send those vulnerabilities that are found out to the SMEs to be fixed.
Information Security Engineer at a tech services company with 11-50 employees
Real User
2022-03-21T18:59:56Z
Mar 21, 2022
We are a solution provider and Tenable Nessus is one of the products that we implement for our clients. The primary task that Tenable is focused on is vulnerability management.
Senior Consultant - Cyber Security Services at Coforge
Real User
2021-12-21T09:16:00Z
Dec 21, 2021
We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers.
Founder & CEO at a tech services company with 1-10 employees
Real User
2021-12-08T22:52:56Z
Dec 8, 2021
I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job.
Cyber Security Engineer at a manufacturing company with 5,001-10,000 employees
Real User
2021-08-03T16:22:52Z
Aug 3, 2021
I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features.
Lead Cyber Security engineer at a tech services company with 201-500 employees
Real User
2021-05-19T12:15:00Z
May 19, 2021
We usually use the solution for infrastructure level and web application scanning, although mostly for the former. This is what we are doing at present. We were using the web application portion of Tenable Nessus for several months before switching to Veracode.
We use Tenable Nessus when we are preparing our audit where we need to do an initial scan of our customers' platform to see if they have any critical issues.
Owner at a tech services company with 1-10 employees
Real User
2020-12-07T21:15:00Z
Dec 7, 2020
We use it for vulnerability management. We have the latest version because we're using it in the cloud right now. I have a public cloud and a private cloud version.
Senior Manager at a security firm with 201-500 employees
Real User
2020-10-28T20:22:37Z
Oct 28, 2020
We use Tenable Nessus to provide service to our bank. I use it to provide our main service related to our big management. Other than providing information security to our clients, it is our information security provider, service provider — we manage it. Using Nessus, we are able to scan and locate any potential vulnerabilities that our clients may have and point them out to them. I am not sure how many users we have using this solution, but we have more than 100,000 assets distributed between roughly 40 clients.
We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud. We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that. It's not specific to what we are working with.
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 5
2020-08-06T15:26:00Z
Aug 6, 2020
Over 15.000 active assets|inside 10 companies belonging to the group, the biennium recurrent project mapped the real situation, in parallel with photography of IT/Security maturity through three main domains: processes, people, and technology. 5 TOEs: Infrastructure, Databases (SQL and Oracle in deep), AWS Cloud, Connectivity (Routers, Switches, and Firewalls against/based CIS) and Web Application instances (partial tests).
CISO at a financial services firm with 201-500 employees
Real User
2019-11-27T05:42:00Z
Nov 27, 2019
We use it for servers, domain controllers, application servers, Oracle servers, SQL servers, as well as network devices, like routers. For PCs that are used for services such as credit cards and ATMs, we usually do a vulnerability assessment, including Windows Servers, Linux servers, SQL servers, and database servers. We scan everything except basic PCs because it would require a lot of time to check all those reports. Our system administrators use another solution to check regular PCs for Windows and MS updates. We're checking things every month. We created a schedule and it checks automatically. From time to time, we'll use it to check things if something unusual has happened. For example, if a stranger was on a computer, we'll check if is there a vulnerability there. We also use it to prepare reports when the agency asks for them.
Network Security Engineer at a construction company with 1,001-5,000 employees
MSP
2019-11-18T07:22:00Z
Nov 18, 2019
We mainly use it for scanning for vulnerability on our hosts, like network devices and servers; to find the vulnerabilities and do remediation. We monitor Windows and Linux workstations.
President and Sr CISO Consultant at Micro Strategies
MSP
2019-11-14T06:34:00Z
Nov 14, 2019
I use it for performing vulnerability scans for both my environment and for clients. I provide fractional CISO consulting services. As such, I will perform a vulnerability scan on an environment before I say "yes." Everybody has to have a vulnerability scan. You should do them periodically which, to me, is monthly. It's just good practice to perform that scan monthly and whenever there's a major change, to make sure that you don't have any open environment. I monitor web servers, database servers, app servers, desktops; everything you'd find on a network, besides switches and routers. I don't have that, but I monitor any Windows- and Linux-based nodes.
Senior Systems Administrator at Government Scientific Source, Inc.
Real User
2019-11-07T10:35:00Z
Nov 7, 2019
It is used for vulnerability management. We used Nessus to scan our machines to see how they were vulnerable, for patches or security. The CVE numbers is what we looked at, the security vulnerability, and tried to figure out what we were vulnerable to. We monitored Windows Servers, Windows workstations, Linux servers, firewalls, switches, VMware equipment, and Cisco UCS hardware through the application.
Nessus was used to scan vulnerabilities and compliances in our clients' networks and with this, carry out the remediation process through constant cycles in time until threats to the network are considerably reduced. The environments are small business networks (less than 50 employees), and so far there have been no major impediments in the scans performed.
Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a...
We use Tenable Nessus as a vulnerability management tool. It helps identify vulnerabilities in our system, how to address them, and what mitigation steps are required. We can assign high, medium, or low priority levels and schedule scans to run at specific times. The tool generates vulnerability assessment reports, valuable in our organization's environment for continuous security assessment.
We do infrastructure audits in the state, and we have a lot of organizations and customers for which we do security assessments.
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.
The solution is used to check vulnerabilities.
We use Tenable Nessus for asset and vulnerability management.
I use Tenable Nessus for vulnerability assessment so that you can scan for CVEs and existing CVEs. Tenable Nessus will show you the latest update on those vulnerabilities and where it needs patches, so it goes hand in hand with patch management. As soon as you scan, you can see whether it needs patching, and if needed, you can go ahead and deploy patch management to address the current issue.
Tenable Nessus is used to perform process and network assessments and sometimes for reviews.
I evaluated, set up, and implemented Tenable Nessus for a client. They had four firewalls, about 500 endpoints, two servers, and one database server.
We use Tenable to scan all the workstations in our government environment for vulnerabilities and outdated software. The Tenable agents installed on the PCs enable us to detect any potential security risks or applications that are not up-to-date, malicious, or suspicious. This helps us ensure that all the PCs are secure and are in good posture.
We use Tenable Nessus to schedule test scans and work with the finding. We have integrated Tenable Nessus with Splunk.
I primarily use the solution for network scanning. I can use it when I want to see network scanning involved with the network devices and servers.
Every month, I had this Windows Gold image scan. I would obtain some IP addresses, create some rules, and then run them. Then there were the automatic automated jobs that I and my colleagues would arrange to execute. They would run at night so they wouldn't interrupt the systems. Enter some IP addresses for workstations and servers. Some were in a highly secure zone, while others were in a separate subnet, we enter those IP addresses in and run them, scheduling them to run biweekly or weekly.
My company uses Tenable as a vulnerability assessment. We use it for scanning, for the discovery of vulnerabilities in the components or the software, or on the IT infrastructure of our client.
Our company uses the solution for vulnerability scanning.
We use it predominantly for vulnerability scanning and compliance scanning as part of the vulnerability and compliance protocols in one of our programs.
We use this solution for network and device scanning. Massive scanners have been integrated with the security center. We scan devices and pull the report from the security center. We publish the report to respective stakeholders, and we maintain the reports for our records. The reports show vulnerabilities, plugin text, and plugin outputs. We analyze the report and try to close the vulnerabilities identified in the scan. The solution is deployed on-premises. There are about 10 people using this solution in my organization. They were part of the security team and were doing the scanning and remediation. I led the team and dealt with any challenges. My organization is a service provider. We provide security services to clients.
I primarily use Nessus for vulnerability management, including scanning, identifying, and assessing risks.
Tenable Nessus can be deployed on the cloud and on-premise. I use Tenable Nessus for an internal secured scale.
I use this solution for OS auditing, database auditing, virtualization, and following how closely it follows our CI or TISA benchmarks. We also use it for malware and ransomware risk and for carrying out assessments. We purchased this product from a local partner that has a premium partnership with Tenable. I'm a cybersecurity and compliance lead engineer.
Two of our customers use it for vulnerability assessment and penetration testing, and they are getting very good results.
Our customers are using this solution. They scan their network, and they get a report about vulnerability assessment tools and solutions. It's deployed on-prem.
Tenable Nessus can be deployed on-premise and in the cloud. Tenable Nessus is a vulnerability scanner to find vulnerabilities. The solution finds the vulnerabilities in our environment and then we send those vulnerabilities that are found out to the SMEs to be fixed.
We are a solution provider and Tenable Nessus is one of the products that we implement for our clients. The primary task that Tenable is focused on is vulnerability management.
We're using Tenable Nessus to manage vulnerabilities.
We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers.
I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job.
We are using it to find out the vulnerabilities in our critical servers and to patch them. We are using the latest version.
I'm using Tenable Nessus for my personal projects and vulnerability assessment, but I can't discuss what I do at work with you.
We use this solution for information gathering and as an assessment tool.
I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features.
As new upgrades to the software come out periodically, I am currently using the latest version.
We usually use the solution for infrastructure level and web application scanning, although mostly for the former. This is what we are doing at present. We were using the web application portion of Tenable Nessus for several months before switching to Veracode.
We use Tenable Nessus when we are preparing our audit where we need to do an initial scan of our customers' platform to see if they have any critical issues.
Our use cases are pretty straightforward. We primarily use it for conducting vulnerability scans.
I primarily use the solution for vulnerability scanning within our organization.
I have been using Tenable Nessus for my personal use. It works well. I am using this solution for testing.
We use it for vulnerability management. We have the latest version because we're using it in the cloud right now. I have a public cloud and a private cloud version.
We use Tenable Nessus to provide service to our bank. I use it to provide our main service related to our big management. Other than providing information security to our clients, it is our information security provider, service provider — we manage it. Using Nessus, we are able to scan and locate any potential vulnerabilities that our clients may have and point them out to them. I am not sure how many users we have using this solution, but we have more than 100,000 assets distributed between roughly 40 clients.
We primarily use the solution for vulnerability management. We also use it during our IP scans.
We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud. We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that. It's not specific to what we are working with.
Over 15.000 active assets|inside 10 companies belonging to the group, the biennium recurrent project mapped the real situation, in parallel with photography of IT/Security maturity through three main domains: processes, people, and technology. 5 TOEs: Infrastructure, Databases (SQL and Oracle in deep), AWS Cloud, Connectivity (Routers, Switches, and Firewalls against/based CIS) and Web Application instances (partial tests).
We use it for servers, domain controllers, application servers, Oracle servers, SQL servers, as well as network devices, like routers. For PCs that are used for services such as credit cards and ATMs, we usually do a vulnerability assessment, including Windows Servers, Linux servers, SQL servers, and database servers. We scan everything except basic PCs because it would require a lot of time to check all those reports. Our system administrators use another solution to check regular PCs for Windows and MS updates. We're checking things every month. We created a schedule and it checks automatically. From time to time, we'll use it to check things if something unusual has happened. For example, if a stranger was on a computer, we'll check if is there a vulnerability there. We also use it to prepare reports when the agency asks for them.
We mainly use it for scanning for vulnerability on our hosts, like network devices and servers; to find the vulnerabilities and do remediation. We monitor Windows and Linux workstations.
I use it for performing vulnerability scans for both my environment and for clients. I provide fractional CISO consulting services. As such, I will perform a vulnerability scan on an environment before I say "yes." Everybody has to have a vulnerability scan. You should do them periodically which, to me, is monthly. It's just good practice to perform that scan monthly and whenever there's a major change, to make sure that you don't have any open environment. I monitor web servers, database servers, app servers, desktops; everything you'd find on a network, besides switches and routers. I don't have that, but I monitor any Windows- and Linux-based nodes.
We use it for internal and external vulnerability scans.
It is used for vulnerability management. We used Nessus to scan our machines to see how they were vulnerable, for patches or security. The CVE numbers is what we looked at, the security vulnerability, and tried to figure out what we were vulnerable to. We monitored Windows Servers, Windows workstations, Linux servers, firewalls, switches, VMware equipment, and Cisco UCS hardware through the application.
Our primary use case of this solution is scanning of our external websites.
Nessus was used to scan vulnerabilities and compliances in our clients' networks and with this, carry out the remediation process through constant cycles in time until threats to the network are considerably reduced. The environments are small business networks (less than 50 employees), and so far there have been no major impediments in the scans performed.
Primarily, I use this for assessment and administration testing.
My primary use case of this solution is for scanning internal networks.
I use Tenable Nessus to evaluate the security posture of multiples acquisitions before integrating them to our network.