Try our new research platform with insights from 80,000+ expert users

Acunetix vs Tenable Nessus comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Ranking in Vulnerability Management
18th
Average Rating
9.4
Reviews Sentiment
8.2
Number of Reviews
5
Ranking in other categories
Continuous Threat Exposure Management (CTEM) (2nd)
Acunetix
Ranking in Vulnerability Management
22nd
Average Rating
7.8
Reviews Sentiment
7.0
Number of Reviews
33
Ranking in other categories
Application Security Tools (16th), Static Application Security Testing (SAST) (13th), DevSecOps (6th)
Tenable Nessus
Ranking in Vulnerability Management
3rd
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
81
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Vulnerability Management category, the mindshare of Zafran Security is 0.8%, up from 0.0% compared to the previous year. The mindshare of Acunetix is 1.2%, down from 1.4% compared to the previous year. The mindshare of Tenable Nessus is 8.8%, down from 13.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
KashifJamil - PeerSpot reviewer
Has enabled teams to improve security testing with smooth integration and high accuracy
Acunetix has a very good ratio of fewer false positives, so users don't need to retest everything. Acunetix operates smoothly with no interruptions required, and it performs at 100% efficiency without issues in scanning anything. The solution is excellent at detecting SQL injection and cross-site scripting vulnerabilities. Acunetix integrates with every type of tool, including CI/CD tools, offering 100% integration in DevOps environments. The main benefit of Acunetix is that at the first level, users can address security issues related to penetration testing, allowing them to expose vulnerabilities and ensure all required testing is completed with very few false positives.
HarshBhardiya - PeerSpot reviewer
Provided increased visibility across the organization's servers
The user interface of Tenable Nessus feels outdated and could be more user-friendly. Additionally, the documentation is not well-organized, which can be confusing when searching for solutions or specific information related to Tenable Nessus Professional. The reporting feature could be improved by allowing users to create their own templates instead of relying on predefined ones.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran is an excellent tool."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"By integrating with CI/CD tools, it enables a shift-left approach in the development process."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The tool's most valuable feature is performance."
"The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing."
"The most valuable feature of Tenable Nessus is the self-updating engine."
"It notifies us of vulnerabilities as they arise, allowing us to respond quickly without manual intervention."
"Nessus gives me a good preview of vulnerabilities and good suggestions for remediation. It's easy to find a description of a given vulnerability and solutions for it."
"It gives you an unlimited IP scan."
"Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips at documentation), tests against cloud providers, database profiles, several types of telecom devices, and others highly customizable scans."
"The most valuable features of Tenable Nessus include its ease of access and quick usability."
"I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"There's a clear need for a reduction in pricing to make the service more accessible."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The cost can be reduced as management has noted it to be on the higher side."
"It is difficult to create a proxy connection."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"I would like to see more on the automation side."
"The pricing point has increased significantly in recent years. The product's pricing has roughly tripled within the last couple of years, making us reconsider renewing the license for the scanner."
"The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have."
"One significant drawback we encounter is the tool's tendency to flag patched packages incorrectly. For instance, if a package is patched by Debian maintainers but not updated to a major or minor version, Nessus may still flag it as vulnerable based on its database. This discrepancy leads to false alarms and requires our developers, system admins, and DevOps teams to address them."
"Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it."
"Online learning could be a bit better."
"From my point of view the solution basically is not for the big enterprise."
"The reports should be improved in Tenable Nessus. For example, when you are auditing compliance with CIS standards. It provides very poor reports."
 

Pricing and Cost Advice

Information not available
"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."
"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."
"The solution is expensive."
"The pricing is a little high, and moreover, it's kind of domain-based."
"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."
"Acunetix was around the same price as all the other vendors we looked at, nothing special."
"The price is exceptionally high."
"All things considered, I think it has a good price/value ratio."
"In general, it is extremely expensive."
"This solution is affordable."
"The price is okay. I would give it a seven out of ten, where one is cheap and ten is expensive."
"The price of the solution is reasonable."
"We pay approximately $2,500 on a yearly basis."
"Our organization is huge so our license costs $30,000."
"The price of Tenable Nessus is too expensive for each service center."
"The solution has free options."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Computer Software Company
17%
Financial Services Firm
14%
Manufacturing Company
9%
Government
8%
Educational Organization
19%
Computer Software Company
11%
Financial Services Firm
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
What do you like most about Acunetix Vulnerability Scanner?
The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning t...
What is your primary use case for Acunetix Vulnerability Scanner?
Most of the customers who use Acunetix are looking for security testing. The primary use case is performing penetrati...
What advice do you have for others considering Acunetix Vulnerability Scanner?
Acunetix supports multi-user environments effectively. Acunetix is targeted for small to mid-size teams in a DevSecOp...
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What do you like most about Tenable Nessus?
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to addre...
 

Also Known As

No data available
AcuSensor
No data available
 

Overview

 

Sample Customers

Information Not Available
Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Find out what your peers are saying about Acunetix vs. Tenable Nessus and other solutions. Updated: June 2025.
859,957 professionals have used our research since 2012.