Tenable Nessus Primary Use Case
Tenable Nessus's primary use case is scanning endpoints and servers for vulnerabilities, outdated patches, or services. I am using it to increase visibility and dive deep into systems.
The tool is particularly used for scanning Linux servers to check for vulnerabilities and unwanted patches or services.
View full review »DH
David Heed
Security Center Coordinator at a comms service provider with 1-10 employees
We use Tenable Nessus for compliance and testing known vulnerabilities from a specific set of servers that we have knowledge of as existing. We seldom use it for inventory scans, as we use other solutions like App Reviews or Outpost Scan for that purpose.
View full review »
We do infrastructure audits in the state, and we have a lot of organizations and customers for which we do security assessments.
View full review »Buyer's Guide
Tenable Nessus
June 2025

Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,390 professionals have used our research since 2012.
NW
Nuki Agustino Wono
Senior Security Consultant at ITSEC Asia
The typical use case for Tenable Nessus is mostly for the white-box scanner because Tenable Nessus is a vulnerability assessment and vulnerability management tool. I use it for the white-box scanner, which operates inside the firewall, not the black box.
View full review »
GN
Gintaras_Navickas
Cyber Security Officer at Gudu
I want to upgrade Tenable Nessus because I don't have a license, but I worked with it before. It was only for one month. We just don't have a license, but I worked for two years with this product.
I have worked with Tenable Nessus in the last month.
I used Tenable Nessus in government.
View full review »We use Tenable Nessus as a vulnerability management tool. It helps identify vulnerabilities in our system, how to address them, and what mitigation steps are required. We can assign high, medium, or low priority levels and schedule scans to run at specific times. The tool generates vulnerability assessment reports, valuable in our organization's environment for continuous security assessment.
View full review »I implement the solution as a vulnerability management tool for client use cases. It can be used for public factors because it sits right where you have tie in and bleeds over or in between other tools as another piece in the EDR puzzle. The solution identifies vulnerabilities, applies patches, and provides some other EDR results.
I have also used the solution in environments where customers only want to pay for master's licensing and conduct vulnerability scanning for 100 to 12,000 endpoints. It took 23 days to create a security center from that page with data imports and API plugins.
It really just depends on what you need, where your money lies, and what you want to get from the solution at the endpoints.
View full review »JT
Jerome TOUTEE
Former Employee of Orange Business Services as Head of Security Engineering at a comms service provider with 5,001-10,000 employees
The tool was used mainly to do network and security scans in some designated areas. It was part of maintaining the ISO 27k certification for some countries, like Turkey, Egypt, and India. Another usage was that we had regular and yearly scans planned as part of policies on some other network areas that would do network management in the central region and Internet-shared network.
View full review »Tenable is for scanning the vulnerabilities on the endpoint. That's the prime use case. It can also be extended for scanning web publications, et cetera.
View full review »Our company uses the solution for vulnerability scanning.
View full review »We use Tenable Nessus internally for our vulnerability scan and dynamic vulnerability assessments.
View full review »We use Tenable Nessus to schedule test scans and work with the finding.
We have integrated Tenable Nessus with Splunk.
I primarily use the solution for network scanning. I can use it when I want to see network scanning involved with the network devices and servers.
View full review »SD
Sandip Deshmukh
Cyber Security Expert at Birlasoft IndiaLtd.
We use this solution for network and device scanning. Massive scanners have been integrated with the security center. We scan devices and pull the report from the security center. We publish the report to respective stakeholders, and we maintain the reports for our records. The reports show vulnerabilities, plugin text, and plugin outputs. We analyze the report and try to close the vulnerabilities identified in the scan.
The solution is deployed on-premises.
There are about 10 people using this solution in my organization. They were part of the security team and were doing the scanning and remediation. I led the team and dealt with any challenges.
My organization is a service provider. We provide security services to clients.
View full review »I use this solution for OS auditing, database auditing, virtualization, and following how closely it follows our CI or TISA benchmarks. We also use it for malware and ransomware risk and for carrying out assessments. We purchased this product from a local partner that has a premium partnership with Tenable. I'm a cybersecurity and compliance lead engineer.
View full review »Two of our customers use it for vulnerability assessment and penetration testing, and they are getting very good results.
We are using the product for CIS benchmarking on our systems.
Our primary use case is basically understanding whether our systems are compliant with the CIS benchmarks in terms of system hardening. What Tenable Nessus does is it can run a scan on the systems and it gives us a report in terms of what properties or settings on the systems are in compliance and what are not in compliance. Then we can review that and go back and improve the systems in terms of those settings.
We have clients, and we are a vendor. We have deployed Tenable Nessus users with the help of the Principal on the client's environment. I have experience with the deployment and the scanning.
View full review »I use Tenable Nessus for vulnerability assessment so that you can scan for CVEs and existing CVEs. Tenable Nessus will show you the latest update on those vulnerabilities and where it needs patches, so it goes hand in hand with patch management. As soon as you scan, you can see whether it needs patching, and if needed, you can go ahead and deploy patch management to address the current issue.
Tenable Nessus is vulnerability management software. We install Nessus scanners on all our workstations and laptops. It runs scans to check for outdated software and vulnerabilities. At the beginning of each month, I send notes out to the admins about what needs to be updated, and I check at the end of the month to make sure it's done.
View full review »We use Tenable Nessus for vulnerability scanning.
View full review »We are using Tenable Nessus for vulnerability management. Not exactly the management, but we perform vulnerability assessments mostly for internal networks. Additionally, we use Acunetix and it comes into play for the web application.
View full review »I am using it for scanning and checking vulnerabilities. I am using the Azure version of Tenable Nessus.
View full review »DD
Dobrisa Dobrenic
Assistant Director for Computing and Network infrastructure at SRCE
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.
View full review »We use the solution for vulnerability management trafficking across an entire group.
View full review »We use Tenable to scan all the workstations in our government environment for vulnerabilities and outdated software. The Tenable agents installed on the PCs enable us to detect any potential security risks or applications that are not up-to-date, malicious, or suspicious. This helps us ensure that all the PCs are secure and are in good posture.
View full review »Every month, I had this Windows Gold image scan. I would obtain some IP addresses, create some rules, and then run them.
Then there were the automatic automated jobs that I and my colleagues would arrange to execute.
They would run at night so they wouldn't interrupt the systems.
Enter some IP addresses for workstations and servers. Some were in a highly secure zone, while others were in a separate subnet, we enter those IP addresses in and run them, scheduling them to run biweekly or weekly.
MB
Mouad BOUKIR
Works at a university with 1,001-5,000 employees
My company uses Tenable as a vulnerability assessment.
We use it for scanning, for the discovery of vulnerabilities in the components or the software, or on the IT infrastructure of our client.
View full review »BE
Bryan Evans
Security Analyst at PJM Interconnection
Tenable Nessus can be deployed on-premise and in the cloud.
Tenable Nessus is a vulnerability scanner to find vulnerabilities. The solution finds the vulnerabilities in our environment and then we send those vulnerabilities that are found out to the SMEs to be fixed.
View full review »We are using Nessus Pro. Our operational security team is using it at the moment. It is being used in a couple of ways. In one instance, it is being used purely to scan the internal infrastructure. In the second instance, we're using it to scan the entire network range, including all endpoints. In the third instance, we're using it to do PCI DSS compliance scanning.
View full review »We are using it to find out the vulnerabilities in our critical servers and to patch them.
We are using the latest version.
FC
Fatjon Celaj
Network Security Delivery Manager at alascom
We use Tenable Nessus for vulnerability assessments.
View full review »We use it for vulnerability management. We have the latest version because we're using it in the cloud right now. I have a public cloud and a private cloud version.
View full review »The solution is used to check vulnerabilities.
View full review »Tenable Nessus is used to perform process and network assessments and sometimes for reviews.
View full review »RT
Rachel TSAI
IT Manager at a educational organization with 1,001-5,000 employees
I am using Tenable Nessus to know where the vulnerabilities are on my website.
View full review »We use it predominantly for vulnerability scanning and compliance scanning as part of the vulnerability and compliance protocols in one of our programs.
View full review »Our customers are using this solution. They scan their network, and they get a report about vulnerability assessment tools and solutions.
It's deployed on-prem.
View full review »We are using Tenable Nessus real-time monitoring.
View full review »Over 15.000 active assets|inside 10 companies belonging to the group, the biennium recurrent project mapped the real situation, in parallel with photography of IT/Security maturity through three main domains: processes, people, and technology. 5 TOEs: Infrastructure, Databases (SQL and Oracle in deep), AWS Cloud, Connectivity (Routers, Switches, and Firewalls against/based CIS) and Web Application instances (partial tests). Nessus running over a hardened Linux customized with HA (High Availability).
DN
Dhananjay-Naldurgkar
Senior Consultant - Cyber Security Services at a computer software company with 10,001+ employees
We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers.
I use Zoom for virtual meetings.
View full review »AM
Attila Mate Kovacs
Senior Cyber Security Expert at a security firm with 11-50 employees
We use this solution for information gathering and as an assessment tool.
View full review »MZ
Muhammad NavaidZafar Ansari
Assistant Manager of Information Security at a pharma/biotech company with 1,001-5,000 employees
As new upgrades to the software come out periodically, I am currently using the latest version.
View full review »We usually use the solution for infrastructure level and web application scanning, although mostly for the former. This is what we are doing at present. We were using the web application portion of Tenable Nessus for several months before switching to Veracode.
View full review »We use Tenable Nessus when we are preparing our audit where we need to do an initial scan of our customers' platform to see if they have any critical issues.
View full review »I have been using Tenable Nessus for my personal use. It works well.
I am using this solution for testing.
View full review »DD
Daniel Durante
Senior Manager at a security firm with 201-500 employees
We use Tenable Nessus to provide service to our bank.
I use it to provide our main service related to our big management.
Other than providing information security to our clients, it is our information security provider, service provider — we manage it. Using Nessus, we are able to scan and locate any potential vulnerabilities that our clients may have and point them out to them.
I am not sure how many users we have using this solution, but we have more than 100,000 assets distributed between roughly 40 clients.
View full review »We primarily use the solution for vulnerability management. We also use it during our IP scans.
View full review »MS
MadhavanSrinivasan
CEO at Screenit Labs Pvt Ltd
We are a company that provides cloud migration services. We help companies to migrate to the public cloud. When our customers want to migrate applications, they're worried about the security aspect in the cloud. So we are trying to see how the application security that is on-premises can be migrated to the cloud.
We don't have any particular solution, we are working with a few options. The customer selects what best suits their needs. If we have a program, we work with that.
It's not specific to what we are working with.
View full review »We use it for servers, domain controllers, application servers, Oracle servers, SQL servers, as well as network devices, like routers. For PCs that are used for services such as credit cards and ATMs, we usually do a vulnerability assessment, including Windows Servers, Linux servers, SQL servers, and database servers. We scan everything except basic PCs because it would require a lot of time to check all those reports. Our system administrators use another solution to check regular PCs for Windows and MS updates.
We're checking things every month. We created a schedule and it checks automatically. From time to time, we'll use it to check things if something unusual has happened. For example, if a stranger was on a computer, we'll check if is there a vulnerability there.
We also use it to prepare reports when the agency asks for them.
View full review »JK
John-Kang
Senior Systems Administrator at Government Scientific Source, Inc.
It is used for vulnerability management. We used Nessus to scan our machines to see how they were vulnerable, for patches or security. The CVE numbers is what we looked at, the security vulnerability, and tried to figure out what we were vulnerable to.
We monitored Windows Servers, Windows workstations, Linux servers, firewalls, switches, VMware equipment, and Cisco UCS hardware through the application.
View full review »We use it for internal and external vulnerability scans.
View full review »Our clients use Tenable Nessus to find vulnerabilities in websites and infrastructure.
View full review »I evaluated, set up, and implemented Tenable Nessus for a client. They had four firewalls, about 500 endpoints, two servers, and one database server.
View full review »We use Nessus for vulnerability assessment. Three or four engineers at my company are using it currently.
View full review »We're using Tenable Nessus to manage vulnerabilities.
View full review »I'm using Tenable Nessus for my personal projects and vulnerability assessment, but I can't discuss what I do at work with you.
View full review »I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features.
View full review »We primarily use the solution for vulnerability management.
When it comes to servers and scanners, or servers and endpoints, you can discover the vulnerabilities that might be on the other end. You can see, for example, if
you have a gap in vulnerabilities in specific servers or specific endpoints, and you if have to close the. You can really see the risks that might be encountered within your environment.
Our use cases are pretty straightforward. We primarily use it for conducting vulnerability scans.
View full review »I primarily use the solution for vulnerability scanning within our organization.
View full review »We mainly use it for scanning for vulnerability on our hosts, like network devices and servers; to find the vulnerabilities and do remediation. We monitor Windows and Linux workstations.
View full review »KC
Keith S. Crumpton
President and Sr CISO Consultant at Micro Strategies
I use it for performing vulnerability scans for both my environment and for clients. I provide fractional CISO consulting services. As such, I will perform a vulnerability scan on an environment before I say "yes."
Everybody has to have a vulnerability scan. You should do them periodically which, to me, is monthly. It's just good practice to perform that scan monthly and whenever there's a major change, to make sure that you don't have any open environment.
I monitor web servers, database servers, app servers, desktops; everything you'd find on a network, besides switches and routers. I don't have that, but I monitor any Windows- and Linux-based nodes.
View full review »SD
Infraprojman67
Senior Infrastructure Project Manager at a energy/utilities company with 501-1,000 employees
Our primary use case of this solution is scanning of our external websites.
View full review »MH
Miguel Angel Hernández Armas
Implementation Engineer at GFx Soluciones
Nessus was used to scan vulnerabilities and compliances in our clients' networks and with this, carry out the remediation process through constant cycles in time until threats to the network are considerably reduced. The environments are small business networks (less than 50 employees), and so far there have been no major impediments in the scans performed.
View full review »KS
KalaiarasuSanthirasekeran
Security Professional at a tech vendor with 10,001+ employees
Primarily, I use this for assessment and administration testing.
View full review »TK
Thomas Kung
Senior Consultant at a tech company with 1,001-5,000 employees
My primary use case of this solution is for scanning internal networks.
View full review »AK
Angus Konig
IT Manager at Medmen
I use Tenable Nessus to evaluate the security posture of multiples acquisitions before integrating them to our network.
TM
Dr Trust Tshepo Mapoka
Senior Cybersecurity Consultant at CIA Botswana
I primarily use Nessus for vulnerability management, including scanning, identifying, and assessing risks.
View full review »LO
Reviewer843121
Founder & CEO at a tech services company with 1-10 employees
Tenable Nessus can be deployed on the cloud and on-premise.
I use Tenable Nessus for an internal secured scale.
View full review »We are a solution provider and Tenable Nessus is one of the products that we implement for our clients.
The primary task that Tenable is focused on is vulnerability management.
View full review »LO
Reviewer843121
Founder & CEO at a tech services company with 1-10 employees
I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job.
We use Tenable Nessus for asset and vulnerability management.
View full review »We're mainly doing vulnerability scanning with Nessus.
View full review »Buyer's Guide
Tenable Nessus
June 2025

Learn what your peers think about Tenable Nessus. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,390 professionals have used our research since 2012.