We performed a comparison between Rapid7 Metasploit and Tenable Nessus based on real PeerSpot user reviews.
Find out in this report how the two Vulnerability Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"The option to generate phishing emails has proven to be very valuable in understanding the behavior of users."
"The most valuable features of the solution are the scripts, the modules, and the tools that the Rapid7 Metasploit framework has."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"It is scalable. It's in line with our needs."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"It contains almost all the available exploits and payloads."
"Tenable Nessus is one of the best vulnerability assessment tools, that I know."
"We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure."
"My favorite part about Nessus is that you can customize the tool to scan exactly what you want. Microsoft releases new patches monthly on Patch Tuesday, and a lot of companies track that date. I set up Nessus for the day after Patch Tuesday to see which devices have already pushed those updates from Microsoft, so we can stay updated."
"I like its ease of use. It has the script that is pre-built in it, and you just got to know which ones you're looking for."
"I have found the vulnerability assessment and the reports to be useful."
"Nessus' most valuable feature is vulnerability management because it helps to discover vulnerabilities proactively and integrates with patch management solutions so you can push patches."
"It provides multiple recommendations towards the remedy of vulnerabilities."
"It is a mature tool."
"The solution is not user-friendly and has room for improvement."
"We'd like them to offer better coverage of malware."
"The solution should improve the responsiveness of its live technical support."
"At the time I was using it, the graphical user interface needed some improvements."
"I think areas with shortcomings that need improvement are more integration and automation."
"It is necessary to add some training materials and a tutorial for beginners."
"Rapid7 Metasploit can add a GUI feature because it is only available online."
"I would like to see more capabilities, more functions, and more features. More types of attack vectors."
"Lacks some penetration testing-related services."
"We use credentialed scans. They need more permissions and more changes or settings on Windows and Linux."
"They should improve the I/O reporting and the customized spreadsheet export feature."
"We'd like to see more integration potential within the solution."
"The reports are okay, but the interface is a bit difficult to navigate in some cases."
"It would be better if they had application-level support for mobile devices. They don't have anything to scan mobile devices. Tenable Nessus doesn't have a mobile application vulnerability assessment. I also have issues with the false positive rates. The product has limited features."
"I think the reporting templates could be improved with Tenable Nessus."
"The inventory management function in this solution needs improvement."
Rapid7 Metasploit is ranked 11th in Vulnerability Management with 18 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Rapid7 Metasploit is rated 7.6, while Tenable Nessus is rated 8.4. The top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Rapid7 Metasploit is most compared with Pentera, Rapid7 InsightVM, Acunetix, Nucleus and Wireshark, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Microsoft Intune. See our Rapid7 Metasploit vs. Tenable Nessus report.
See our list of best Vulnerability Management vendors.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.