Tenable Nessus Reviews

Our customers are using this solution. They scan their network, and they get a report about vulnerability assessment tools and solutions.

It's deployed on-prem.

It gives you an unlimited IP scan. It's a cheap solution compared to Rapid7 or Qualys. It's very user-friendly. Customers can easily scan their network.

I would like to have a management option after the network scanning.

The difference between Nessus and Rapid7 is price. Nessus is a very cheap solution compared to Rapid7 and has unlimited IP scanning facilities, but Rapid7 doesn't have this option. It has IP limitations. Rapid7 has some models based on how many IPs the customer wants to scan, and the costs depends on that amount.

The cost is around $4,300 per year. Use is unlimited. You don't pay more if you want to use it for another IP.

I would rate this solution 8 out of 10.

We are using Tenable Nessus real-time monitoring.

The most valuable feature of Tenable Nessus is real-time monitoring.

Tenable Nessus could improve by having more steady updates which will reduce the vulnerabilities.

I have been using Tenable Nessus for approximately 10 years.

Tenable Nessus is a stable solution, we are fairly satisfied.

I rate the scalability of Tenable Nessus an eight out of ten.

Most of the people using this solution at this time are managers.

The technical support has been very useful. They are helpful.

I rate the technical support from Tenable Nessus a four out of five.

The initial setup has been straightforward. However, we are trying to roll out our agents and find all of our devices which we have experienced some challenges. The whole process has taken us approximately three months.

We are doing the implementation in-house.

I would advise others that if this solution fits your use case then I would try it out. Different environments require different solutions.

I rate Tenable Nessus an eight out of ten.

We are using Nessus Pro. Our operational security team is using it at the moment. It is being used in a couple of ways. In one instance, it is being used purely to scan the internal infrastructure. In the second instance, we're using it to scan the entire network range, including all endpoints. In the third instance, we're using it to do PCI DSS compliance scanning.

It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal.

The interface is a little bit clunky, and the reporting is not marvelous. There should be better integration of reporting between instances. Currently, the instance stands alone, and it produces a report. Being able to amalgamate those reports with another instance will be useful.

It has never let us down from a stability point of view.

It is really scalable. It is great.

We have six people who are actually interacting with the tool itself, but obviously, it has been deployed against thousands of endpoints. There are three different roles of those six users.

They are very good. Their formal support and the wider community support are excellent.

We've used Rapid7 in the past. We switched because of the value for money and the fact that it feeds into the Tenable.io platform, which is where we ultimately want to be.

It was straightforward and fast. It literally took a morning.

It was done in-house. For its deployment and maintenance, there is just one person. He is an information security analyst.

Its pricing is great and can't be improved. It is very cheap. It is less than 2,000 pounds a license, and you can't really ask for more.

It has unlimited IPs and unlimited scans. There are no particular pricing constraints. The only additional cost is the inherent cost of the people to actually review the actual scans.

My advice to people who are looking into implementing this product would be to just go ahead and do it. Don't be frightened about it. It is great. It does exactly what you'd expect it to do. You can use it as a stepping stone to the other Tenable products.

I would rate it a nine out of 10. It is a lovely product. It just does what you need it to do, and lets you get on with your day.

Over 15.000 active assets|inside 10 companies belonging to the group, the biennium recurrent project mapped the real situation, in parallel with photography of IT/Security maturity through three main domains: processes, people, and technology. 5 TOEs: Infrastructure, Databases (SQL and Oracle in deep), AWS Cloud, Connectivity (Routers, Switches, and Firewalls against/based CIS) and Web Application instances (partial tests). Nessus running over a hardened Linux customized with HA (High Availability).

Nessus has more plugins/add-ons, tests, and templates than previous tools (OpenVas) and it is faster and customizable using CLI/API features. It offers enough resources for an interesting cost-benefit rating (for small and medium companies) and minus false-positive events per type of asset. 

It helped us to quickly produce a QuickWin report that guided the VulnerabilityMgmt actions and plans within the company's during the next 3-5 years using the same tool/investment/team for all companies inside the de group.  

Scanners and reports using CIS templates ("de-facto" standard, easy to fix and to locate correction tips in the documentation), tests against cloud providers, database profiles, several types of telecom devices, and other highly customizable scans. You can scale your environment to gradually increase the quality, depth, and quantity of the tests, enabling you to learn and gradually optimize your vulnerability management platform(s)/instance(s). The possibility of integration with other market tools (Kenna, Archer...) is another differential.

- Add the possibility to customize attributes that define the assets critical level based on the company's "business sense".

- Improve integration and tests for OT platforms, OT application, OT hardware, and non-Ethernet protocols.

- Improve the exchange of info/insights/attributes with RM (Risk Management) domain.

- Offer a more flexible strategic and high-level dashboards based on previous comments (minus technical and more business-oriented)

- Model OS costs (and its segregation schema for individual modules).

7+ years with Tenable and more than 15y with others.

Excellent. No one problem during operation time and deployment.

Enough (faster than OpenVAS engine).

It SLA/support are enough. 

Neutral

OpenVAS. We reached the previous level/threshold/maturity using OpenVas (more limited tool when compared with Nessus). I/We believe that, the change to a better tool (in this and in others categories) should be carried out when these indicators are reached.

Very simple and fast.

In-house.

Good. Nessus Pro combined with other xLAP solutions to offer a presentation/grouping layer is great. Using SC this curve/point of ROI is slower.

Start small, learn about your problems/fixing time and grow up gradually.

Several. OpenVas, Rapid7, Qualys, CORE* and Retina.

A cost/benefit interesting tool.

We primarily use the solution for our customer vApp, the dynamic application testing using NetWeb application and security and the infra scanning. It allows us to do a weekly scan for our customers. 

The solution was a great help during the pandemic for closing down all those open vulnerabilities. Continuous scanning of the infra was helpful for identification on the web applications level.

The solution is the most dynamic one I have seen thus far. It is one of the best available solutions. It is the best vulnerability tool that is available at present. 

While Tenable Nessus is a good enterprise solution, the high price would likely make it prohibitive to smaller organizations. 

We feel the licensing cost to be too high for our customers and us. 

EQA's and dashboards should be addressed in the next release. 

We have been using Tenable Nessus for four or five years. I believe that our practice team is doing so. 

The solution is highly reliable. 

Scalability is not an issue. 

Tech support is good. I think we are now partnered with Tenable.

The initial setup was straightforward. The solution was very easy to set up and configure.

We have a yearly subscription license. 

We have a partnership for filling Tenable Nessus as a manager product for our customers. 

Though it is a good enterprise solution, it is likely too highly priced for smaller organizations. 

We feel the licensing cost to be too high for our customers and us.

We have both on-premises and cloud-based deployment in our organization. 

The solution is good. 

I rate Tenable Nessus as a nine out of ten. 

We are using it to find out the vulnerabilities in our critical servers and to patch them.

We are using the latest version.

Tenable Nessus is good. It's the best vulnerability solution in the industry. Most organizations are using it.

In terms of what could be improved, I would say that the reporting feature needs to be improved.

Additionally, although it has the features, the enterprise edition is very limited. They need to add multiple reporting features in the enterprise edition.

I have been using Tenable Nessus for the last two years.

It is a stable product.

Tenable Nessus is a vulnerability product. We have two to three users who are running it, but in terms of the end devices, because it's intended for vulnerabilities scanning and you have to scan your end devices, we have around hundred devices who are scanning with it.

It is a scalable solution.

We contacted support for some scenarios, like upgrades, new security patches, and for some customized reports.

We were satisfied with the speed of the answers. It is good support.

The initial setup is very easy.

Anyone can deploy it, even the managers, the technical teams, the engineers.

I think it took five minutes.

We installed with the help of a consultant. You can do it one time and then you will learn it very easily.

We have an annual subscription.

We also evaluated the Rapid7 Nexpose product, but it has a limitation that it supports 128 users then you have to buy another 128, but with  the Tenable Nessus enterprise edition, you have unlimited licenses to scan the device.

I would recommend Tenable Nessus.

On a scale of one to ten, I would rate it an eight.

I use Zoom for virtual meetings. 

Overall Zoom is a good solution.

I have found it is sometimes difficult to control the Zoom meeting sessions. For example, it is difficult to know who is talking and when trying to mute everyone but the speaker you end up muting everyone. When using multiple screens it is laborious to find the control buttons, such as to start a session. Additionally, when a recording is done I have found it difficult to find them, there should be an easier way to retrieve them.

In a future release, the recordings should be able to be enhanced. I am not fully sure if it is the speed of the network or what the challenge is but we record our Zoom meetings and then I edit them to make them into a presentation. There are times when people are grainy, or their sound is not the best. Zoom should have an optimization option for those wanting to do recordings to allow them to receive the best experience. Alternatively, they could give tips on the best configuration settings for the highest recording output quality. For example, Is the user using the most current version of Zoom, or have they blocked out the background noise.

I have been using Zoom for approximately 10 years.

I have used Teams, ON24, and Citrix.

The solution has free options.

Zoom is a great solution. I did appreciate during the pandemic they offered it for free for a certain amount of callers. I thought that gesture was really great. 

I rate Zoom a ten out of ten.

We use Tenable Nessus for vulnerability assessments.

I have found the vulnerability assessment and the reports to be useful.

The solution could improve by having better integration with different vendors' IPS solutions. The ACLs and IPS policies signatures should be enabled based on the results of Tenable Nessus automatically, we currently have to do it manually which is very time-consuming. It has done a good job integrating with Fortinet but we would like it to be better integrated with other solutions that we have. Additionally, After Tenable Nessus was able to recognize the vulnerability it would be great to have it virtually batch the systems if you are not able to update the different systems.

I have been using Tenable Nessus within the last 12 months.

While doing the scans we have not had any issues, the solution is stable.

Tenable Nessus is scalable.

The technical support was responsive and helpful. We were trying different integrations and needed some assistance.

We used Qualys previously. 

The initial setup is very easy and straightforward. The VM can be done very quickly and the whole process takes approximately 30 minutes. The installation is quicker than others solutions, such as Qualys.

The price of the solution is reasonable.

I rate Tenable Nessus an eight out of ten.