Tenable Nessus Reviews

My primary use case of this solution is for scanning internal networks.

We use Tenable Nessus for scanning. We find lots of vulnerabilities and then we reduce the time spent on finding inbox vulnerabilities. Of course, Tenable streamlines the process. It has been a positive experience overall.

Tenable can scan for missing patches for the endpoints. We can scan it and then, once we can support any endpoint without patching, we inform our users.

We wanted to do a lot of Hardening and we have to make sure that all endpoints are up to the certain Hardening standard and we propose the CIS benchmark to do this. That's why we use Tenable to do scanning frequency and to ensure the quality of the endpoints.

This is still a maturing product. Tenable is only a scanner for one ability, while other solutions like Rapid7 have more tools for verification. We still have to manually verify to see if the vulnerability is a false positive or not. 

It is stable. We have not had any major issues. It performs as scheduled and scans as needed.

In terms of scalability, there is an issue with cloud servers. You need the internet bandwidth to do the testing. They consume a lot of bandwidth and they use the cloud scanners for the scanning. 

I usually use the dashboard for support. It shows the critical vulnerabilities from low to high. They are very responsive when necessary. 

The implementation was straightforward. First, we noticed whether everything was ready, then we got a license key, set up some basic scanning using a default template, and finally, we scheduled time. 

The price of Tenable Nessus is much more competitive versus other solutions on the market. 

We were manually scanning before using Tenable Nessus. We looked at Rapid7 but we are satisfied with Tenable Nessus. 

I would suggest that people considering this solution should choose the cloud-based solution versus the on-premise version.

I'm using Tenable for a project I'm working on. The primary use case is for web application scanning and we're also able to conduct infrastructure scanning and network scanning. I'm not using all the features. 

It's a user friendly solution and I like the dashboards. 

Unfortunately, the solution consumes more system resources when it's being run and I'd like that to be reduced. 

I've been using this solution for three months. 

The solution is stable. 

The solution is scalable.

The initial setup was very easy, it didn't take more than 10 minutes. It does depend on internet speed so sometimes deployment might take longer. 

I rate this solution an eight out of 10. 

I primarily use the solution for vulnerability scanning within our organization.

The automatic scanner and scheduler are pretty cool. 

The interface is excellent. It makes it very user friendly and easy to navigate for the most part.

It's a pretty solid product. I pretty much like almost all of it. 

The product is pretty problem-free. We don't have any real issues with it.

The reporting is a bit cumbersome. 

A lot of times you have got to, if you want to test things, go in and then back all the way out, and then try something else, and that just becomes cumbersome. 

The testing functionality could be better.

The way they had set up the scan sometimes is difficult as well. It's partly due to how it's set up where I am. It's not necessarily a Tenable thing, however, the user, how they assign users and roles, is strange. Sometimes if a coworker sets up a scan, I can't start it or stop it. That's just something that may be an issue on our set-up and not a Tenable issue.

I've been using the solution for a while. I've probably been using the solution since 2015. It's been over five years at this point.

We're just customers. We're end-users. We don't have a business relationship with the company.

We're using the solution as what I would consider a hybrid, where the security center is managed by another group. However, we have a scanner in our network that connects back to the security center and the DOD of Azure.

We're largely happy with the product. Overall, I'd rate the solution eight out of ten. If it weren't for the reporting or the scanning difficulties, I would rate it higher.

Our primary use case of this solution is scanning of our external websites.

The feature I find most valuable is the vulnerability reporting.

I would like to see an improvement in the ranking of high, medium and low vulnerability.

The solution is very stable.

Tenable Nessus is a very scalable solution. We have over 50 devices running on it currently, and over 50 locations. And we plan to increase our usage in the future. We use our existing team for maintenance, so we didn't have to increase our headcounts. One person is enough to do the maintenance.

The technical support is good.

I will say the initial setup was not straightforward, and not complex either. It's medium. Technically it's not too complicated, but if you work with a good partner, they can help. The deployment took us about three to six months.

My advice to others would be to include post-implementation support for six months from the vendor to help with the fine-tuning. I rate this solution an eight out of ten. In the future, I would like to see better reporting for high impact vulnerabilities.

I'm currently using the Nessus essentials for testing, it's installed on my Notebook. My company has only been in operation for one month so as soon as I close with my first client, I will buy the professional version. I used the solution in my previous job. 

I have chosen Nessus because it's very simple to use and install. Depending on the number of assets you scan, Nessus is also an affordable solution. Products such as Tenable IO and RapidLab, can become expensive depending on the number of IPs. So Nessus Pro is perfect for my needs right now.

I'd like to see a dashboard for this product because the report for counters is too simple. There needs to be something better for the client.

I've been using this solution for five years. 

This solution is stable. 

The solution is definitely scalable. 

I've never needed to contact Tenable support, I've been able to resolve any issues myself. 

The initial setup is very easy. Deployment takes less than two hours, it's simple.

It's important to test the solution so you know that it works for your situation. They have a trial version so it's easy to test before you purchase it. 

I rate this solution eight out of 10. 

I'm using Tenable Nessus for my personal projects and vulnerability assessment, but I can't discuss what I do at work with you.

I have experience with it on my attack stations, and it's pretty good to optimize. Personally, I think Nessus is quite a good product.

Some things in the user interface could be better. The user interface could allow more adjustments to plugins. The price could also be better.

I have been using Tenable Nessus as a worker in America for about 15 years now.

Technical support could be more knowledgeable. Their support right now goes from awkward to funny. Sorry to say that, but Tenable Nessus support isn't working as it should. They act fast, but their solutions don't always work. I've been in several situations at work where I had to find my own solutions.

The initial setup and installation are pretty straightforward. Let's say 15 minutes to compile the plugin. It would take about half an hour to an hour to set up and deploy.

One problem with Tenable is its pricing policy. Optimal results can be achieved with Greenbone Solutions which has much more friendly pricing policies.

On a scale from one to ten, I would give Tenable Nessus an eight.

The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable.

In terms of what could be improved, I would say its reporting portion.

Additionally, we have the on-prem version, but sometimes we want to have an on-cloud deployment as well for certain projects, although not so many. The people who used it on cloud didn't find it as good as the version they were using on-prem. Overall, the cloud version could be improved.

I have been using Tenable Nessus for about three years now. We are currently using the latest version.

In terms of stability, recently we are seeing many updates coming in and we are finding that the updating model with its latest releases may be a little buggy. So sometimes deployment may take a couple of times and Nessus takes its own time for updating, thereby delaying the deployment time. Of late is, we are seeing updates coming in very frequently. So when we deploy it, it just updates again and again and that almost doubles the time.

Tenable Nessus is scalable. That's not an issue.

We did reach out to technical support. I think it was just once, but it took them a long time to respond. Maybe it was case specific, but they took a few days to get back to us and we didn't expect that. Now they've completely changed the model to email support, so we send the email and we'll have to wait until the guys answer us back.

The initial setup on-prem and on-cloud did not have any issues. It just took a couple of hours.

On a scale of one to ten, I would give Tenable Nessus an eight.

What happens is Nessus keeps on updating and this becomes a showstopper. We are unable to proceed with the vulnerability scans or testing if we do not update to the latest available patch. We can understand the risk if it's maybe one version earlier, meaning, we understand something was updated with XYZ patch but there should be something which gives us an option so that not all of our deployments need to have the latest patch. This would save the deployment time because of frequent updates.

I would recommend Tenable Nessus. Especially the commercial model. We operate in small and medium enterprises and for them, Nessus is becoming expensive. Because of this I may not buy Nessus this year and I might switch to Qualys, for example. Overall, Tenable Nessus is not so price pocket friendly for small and medium users.

Primarily, I use this for assessment and administration testing.

I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning and identifying instabilities.

The reporting functionality needs improvement. I think it would be beneficial to have a high level explanation for a particular user. 

It is very stable, based on our past experience. We have had some false positives in the past, which we hope can improve in the future.

The scalability is fine. It is tied to the licensing agreement. We currently have 20 people using this tool in our organization. It is primarily used by people in our cellular team. If we see a need to add more users in the future, we will renegotiate our licensing agreement to do so. 

We have not needed to contact tech support much. We contacted them about the false positives, and they were helpful. 

We also evaluated Netplus. 

The installation is very straightforward and easy. We did not use a third-party installer. 

I think the price is fairly affordable. It provides a license that is fair.