Tenable Nessus Reviews

We are using Tenable Nessus real-time monitoring.

The most valuable feature of Tenable Nessus is real-time monitoring.

Tenable Nessus could improve by having more steady updates which will reduce the vulnerabilities.

I have been using Tenable Nessus for approximately 10 years.

Tenable Nessus is a stable solution, we are fairly satisfied.

I rate the scalability of Tenable Nessus an eight out of ten.

Most of the people using this solution at this time are managers.

The technical support has been very useful. They are helpful.

I rate the technical support from Tenable Nessus a four out of five.

The initial setup has been straightforward. However, we are trying to roll out our agents and find all of our devices which we have experienced some challenges. The whole process has taken us approximately three months.

We are doing the implementation in-house.

I would advise others that if this solution fits your use case then I would try it out. Different environments require different solutions.

I rate Tenable Nessus an eight out of ten.

Over 15.000 active assets|inside 10 companies belonging to the group, the biennium recurrent project mapped the real situation, in parallel with photography of IT/Security maturity through three main domains: processes, people, and technology. 5 TOEs: Infrastructure, Databases (SQL and Oracle in deep), AWS Cloud, Connectivity (Routers, Switches, and Firewalls against/based CIS) and Web Application instances (partial tests). Nessus running over a hardened Linux customized with HA (High Availability).

Nessus has more plugins/add-ons, tests, and templates than previous tools (OpenVas) and it is faster and customizable using CLI/API features. It offers enough resources for an interesting cost-benefit rating (for small and medium companies) and minus false-positive events per type of asset. 

It helped us to quickly produce a QuickWin report that guided the VulnerabilityMgmt actions and plans within the company's during the next 3-5 years using the same tool/investment/team for all companies inside the de group.  

Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips in the documentation), tests against cloud providers, database profiles, several types of telecom devices, and other highly customizable scans. You can scale your environment to gradually increase the quality, depth, and quantity of the tests, enabling you to learn and gradually optimize your vulnerability management platform(s)/instance(s). The possibility of integration with other market tools (Kenna, Archer...) is another differential.

- Add the possibility to customize attributes that define the assets critical level based on the company's "business sense".

- Improve integration and tests for OT platforms, OT application, OT hardware, and non-Ethernet protocols.

- Improve the exchange of info/insights/attributes with RM (Risk Management) domain.

- Offer a more flexible strategic and high-level dashboards based on previous comments (minus technical and more business-oriented)

- Model OS costs (and its segregation schema for individual modules).

7+ years with Tenable and more than 15y with others.

Excellent. No one problem during operation time and deployment.

Enough (faster than OpenVAS engine).

It SLA/support are enough. 

Neutral

OpenVAS. We reached the previous level/threshold/maturity using OpenVas (more limited tool when compared with Nessus). I/We believe that, the change to a better tool (in this and in others categories) should be carried out when these indicators are reached.

Very simple and fast.

In-house.

Good. Nessus Pro combined with other xLAP solutions to offer a presentation/grouping layer is great. Using SC this curve/point of ROI is slower.

Start small, learn about your problems/fixing time and grow up gradually.

Several. OpenVas, Rapid7, Qualys, CORE* and Retina.

A cost/benefit interesting tool.

We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers. 

The solution was a great help during the pandemic for closing down all those open vulnerabilities. Continuous scanning of the infra was helpful for identification on the web applications level.

The solution is the most dynamic one I have seen thus far. It is one of the best available solutions. It is the best vulnerability tool that is available at present. 

While Tenable Nessus is a good enterprise solution, the high price would likely make it prohibitive to smaller organizations. 

We feel the licensing cost to be too high for our customers and us. 

EQA's and dashboards should be addressed in the next release. 

We have been using Tenable Nessus for four or five years. I believe that our practice team is doing so. 

The solution is highly reliable. 

Scalability is not an issue. 

Tech support is good. I think we are now partnered with Tenable.

The initial setup was straightforward. The solution was very easy to set up and configure.

We have a yearly subscription license. 

We have a partnership for filling Tenable Nessus as a manager product for our customers. 

Though it is a good enterprise solution, it is likely too highly priced for smaller organizations. 

We feel the licensing cost to be too high for our customers and us.

We have both on-premises and cloud-based deployment in our organization. 

The solution is good. 

I rate Tenable Nessus as a nine out of ten. 

We are using it to find out the vulnerabilities in our critical servers and to patch them.

We are using the latest version.

Tenable Nessus is good. It's the best vulnerability solution in the industry. Most organizations are using it.

In terms of what could be improved, I would say that the reporting feature needs to be improved.

Additionally, although it has the features, the enterprise edition is very limited. They need to add multiple reporting features in the enterprise edition.

I have been using Tenable Nessus for the last two years.

It is a stable product.

Tenable Nessus is a vulnerability product. We have two to three users who are running it, but in terms of the end devices, because it's intended for vulnerabilities scanning and you have to scan your end devices, we have around hundred devices who are scanning with it.

It is a scalable solution.

We contacted support for some scenarios, like upgrades, new security patches, and for some customized reports.

We were satisfied with the speed of the answers. It is good support.

The initial setup is very easy.

Anyone can deploy it, even the managers, the technical teams, the engineers.

I think it took five minutes.

We installed with the help of a consultant. You can do it one time and then you will learn it very easily.

We have an annual subscription.

We also evaluated the Rapid7 Nexpose product, but it has a limitation that it supports 128 users then you have to buy another 128, but with  the Tenable Nessus enterprise edition, you have unlimited licenses to scan the device.

I would recommend Tenable Nessus.

On a scale of one to ten, I would rate it an eight.

I use Zoom for virtual meetings. 

Overall Zoom is a good solution.

I have found it is sometimes difficult to control the Zoom meeting sessions. For example, it is difficult to know who is talking and when trying to mute everyone but the speaker you end up muting everyone. When using multiple screens it is laborious to find the control buttons, such as to start a session. Additionally, when a recording is done I have found it difficult to find them, there should be an easier way to retrieve them.

In a future release, the recordings should be able to be enhanced. I am not fully sure if it is the speed of the network or what the challenge is but we record our Zoom meetings and then I edit them to make them into a presentation. There are times when people are grainy, or their sound is not the best. Zoom should have an optimization option for those wanting to do recordings to allow them to receive the best experience. Alternatively, they could give tips on the best configuration settings for the highest recording output quality. For example, Is the user using the most current version of Zoom, or have they blocked out the background noise.

I have been using Zoom for approximately 10 years.

I have used Teams, ON24, and Citrix.

The solution has free options.

Zoom is a great solution. I did appreciate during the pandemic they offered it for free for a certain amount of callers. I thought that gesture was really great. 

I rate Zoom a ten out of ten.

We use Tenable Nessus for vulnerability assessments.

I have found the vulnerability assessment and the reports to be useful.

The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have. Additionally, After Tenable Nessus was able to recognize the vulnerability it would be great to have it virtually batch the systems if you are not able to update the different systems.

I have been using Tenable Nessus within the last 12 months.

While doing the scans we have not had any issues, the solution is stable.

Tenable Nessus is scalable.

The technical support was responsive and helpful. We were trying different integrations and needed some assistance.

We used Qualys previously. 

The initial setup is very easy and straightforward. The VM can be done very quickly and the whole process takes approximately 30 minutes. The installation is quicker than others solutions, such as Qualys.

The price of the solution is reasonable.

I rate Tenable Nessus an eight out of ten.

We use this solution for information gathering and as an assessment tool.

Tenable Nessus is one of the best vulnerability assessment tools, that I know.

The price could be improved. They need more flexible pricing.

If they had a very creative idea, maybe they could add a special feature. Even extending functions, or exploring new areas. If they were able to integrate it with the existing solution, that would be fine.

I would like to see more integrations, more ideas or services, and functions offered.

It's about wider functionality and not a question of integration. It's more a question of, creativity. If they have other ideas such as what could be added to the vulnerability management. 

I have been using Tenable Nessus for five years.

Tenable Nessus is a stable product.

It's a scalable solution.

Nessus we either use Nessus for projects for ourselves in many situations, and they also deliver Nessus as a solution for at least five clients. We also have approximately 10 users in our organization.

My experience with technical support is very positive.

The installation was easy.

It took approximately six hours to install and deploy.

We need two for the deployment and maintenance, we have two or three people.

In general, it is extremely expensive. If they have a higher price, that's fine, but if there were one or two solutions where you can buy something for a cheaper price then that would make sense for many users.

I understand why it's expensive, but it would be good to have a limited solution with cheaper prices.

There are different solutions for purchasing Nessus, which is not possible with Datadog.

I would recommend this solution to others.

I would rate Tenable Nessus a nine out of ten because it has many dimensions.

The valuable feature for me is being able to ping the computers to do the automated scan and to come back and be able to see everything. That's definitely a huge plus, but then there's also the ease of reviewing the scores, identifying vulnerabilities, and getting the information on the vulnerabilities; the ability to review all that within one tool has been phenomenal. When we're reviewing those Nessus scores, the solution works well.

I think there's still some things that need to be ironed out to ensure that we can have a one-stop shop to do both ACAS, SCAP automated assessments in. We've been trying to do that and they say you can, the capability is integrated into the system. But in most instances, especially when you're dealing with some systems that are standalone or a network that we built ourselves, we find that some devices aren't pinged and the scans aren't done properly. That also comes down to the hardening of the systems where the password or the privileges weren't taken, so therefore it didn't do the scan properly. 

I've been using this solution for the past six or seven years. 

The solution is stable. We haven't run into any issues other than some passwords that don't take, but that's the way we set up the system. If it's set up properly and configured appropriately, there won't be any issues.

We could definitely make the adjustment to scale it left, right, up and down, depending on what we're using it for and we haven't run into any issues on that. It's pretty flexible.

The setup itself is pretty straightforward. Because these are standalone systems, there are some additional steps that the IT team needs to do, but they pretty much have it down to where they could install the tools pretty easily and have it running reasonably quickly. 

I would recommend making sure that the solution meets your needs for automated scans and the SCAP. If you're looking for a one-stop shop, I think it's a great tool for that. I would recommend some form of training if you don't have experience with this kind of solution. There's a bit of a learning curve involved in terms of configuring and using Nessus. 

I rate this solution an eight out of 10.