Try our new research platform with insights from 80,000+ expert users

Cisco Vulnerability Management (formerly Kenna.VM) vs Tenable Nessus comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
7.8
Number of Reviews
6
Ranking in other categories
Vulnerability Management (18th), Continuous Threat Exposure Management (CTEM) (2nd)
Cisco Vulnerability Managem...
Average Rating
8.0
Reviews Sentiment
6.8
Number of Reviews
1
Ranking in other categories
Cisco Security Portfolio (11th), Risk-Based Vulnerability Management (17th)
Tenable Nessus
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
83
Ranking in other categories
Vulnerability Management (3rd)
 

Mindshare comparison

Risk-Based Vulnerability Management
Vulnerability Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
AshishPaliwal - PeerSpot reviewer
Offers contextual prioritization and risk-based remediation of vulnerability
An improvement would be some sort of an integration with any GRC suite. There are a lot of GRC suites available, like Archer, MetricStream, Rsam, Protiviti, for example. So how would a solution like this work if my company has already invested thousands or maybe millions in a GRC solution? Do I still need it and how does it fit into an existing SAP environment? There could be interoperability, having more data sources, integrating Splunk, Qualys, FireEye, Rapid7, Carbon Black. I'm sure all that can be done to an extent, with a little more insight and a little more accuracy on the industry numbers and trends. I'd like the solution to offer any sort of assistance in any way with the remediation part, not just identification of vulnerability risk, and that is second.
HarshBhardiya - PeerSpot reviewer
Provided increased visibility across the organization's servers
The user interface of Tenable Nessus feels outdated and could be more user-friendly. Additionally, the documentation is not well-organized, which can be confusing when searching for solutions or specific information related to Tenable Nessus Professional. The reporting feature could be improved by allowing users to create their own templates instead of relying on predefined ones.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We are able to see the real risk of a vulnerability on our environment with our security tools."
"Zafran is an excellent tool."
"Overall, we have seen about eighty-seven percent reduction of the number of vulnerabilities that require urgency to remediate, specifically the number of criticals."
"We saw benefits from Zafran Security almost immediately after deploying it."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"The risk context of any vulnerability is a valuable feature."
"It provides multiple recommendations towards the remedy of vulnerabilities."
"Its initial setup was simple and straightforward."
"Out of the box, the product works well for us, so it's not a tool that we need to customize very much."
"The most valuable feature of Tenable Nessus is vulnerability detection."
"It is a mature tool."
"Tenable Nessus is one of the best vulnerability assessment tools, that I know."
"The plug-in text information is quite useful."
"The most valuable feature is the breadth of vulnerabilities that it finds. It's able to find across a lot of different platforms and operating systems. It's also able to combine local testing with network-based testing."
 

Cons

"The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvements."
"I think the ability to have some enhanced reporting capabilities is something they can improve on, as they have good reports but we have asked for some specific reporting enhancements."
"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"An improvement would be some sort of an integration with any GRC suite."
"There should be a possibility to install agents on scanned machines. Tenable IO provides the capability of using local agents to check local problems, but this feature is not there in Tenable Nessus Professional. It would be nice to have something similar in Tenable Nessus Professional. We should have the capability to use local agents installed on the machines to locally check a problem."
"The most that Tenable Nessus could improve is its speed because they might have put a lot of effort into compatibility issues that downgrade the speed."
"The reporting is a bit cumbersome."
"The solution could improve security updates."
"Nessus' reporting could be more user-friendly."
"We feel the solution's technical support to be very bad."
"The price could be reduced."
"The problems I faced with Tenable Nessus were related to its dashboard's customization capabilities and its ability to provide data to third-party sources."
 

Pricing and Cost Advice

Information not available
"I think the pricing is based on the number of endpoints, so it's more subscription-based."
"The price is okay. I would give it a seven out of ten, where one is cheap and ten is expensive."
"The price of Tenable Nessus is much more competitive versus other solutions on the market."
"The product is free."
"Cost-wise, it's an affordable tool."
"The solution has free options."
"Our organization is huge so our license costs $30,000."
"The newer tools are quite pricey. There is a case of some fine tuning that can be done in terms of licensing. The IP based licensing that is offered makes the tool very expensive. If they want the IT industry to adopt it, the price should be looked at."
"The solution has a single price for unlimited assets."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
7%
Healthcare Company
6%
Computer Software Company
21%
Financial Services Firm
16%
Retailer
11%
Manufacturing Company
8%
Computer Software Company
12%
Financial Services Firm
10%
Educational Organization
10%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
The current pricing of Zafran Security is fair overall. They were good to work with to accommodate our organization w...
What needs improvement with Zafran Security?
The dashboarding and reporting functionality of Zafran Security is an area that definitely could use some improvement...
What is your primary use case for Zafran Security?
Zafran Security is helping reduce the amount of critical vulnerabilities in our environments that require prompt reme...
Ask a question
Earn 20 points
How would you choose between Rapid7 InsightVM and Tenable Nessus?
You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. Yo...
What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?
Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of ...
What do you like most about Tenable Nessus?
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to addre...
 

Also Known As

No data available
Kenna.VM, Kenna Security, Kenna, Kenna Security Platform
No data available
 

Overview

 

Sample Customers

Information Not Available
TransUnion
Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
Find out what your peers are saying about Qualys, Tenable, Rapid7 and others in Risk-Based Vulnerability Management. Updated: July 2025.
861,524 professionals have used our research since 2012.