Tenable Nessus Reviews

Two of our customers use it for vulnerability assessment and penetration testing, and they are getting very good results.

It is easy to deploy and easy to use. Its reporting is good. From this reporting, you can see the pain point in your network, which makes it easy to fix them. It is easy to understand the reports and export them.

Technically, it is an excellent and the best solution available in Libya. My only concern is related to its pricing. They are an emerging company in Libya, and they need to put in some effort to provide us with very good prices so that customers can go with the best solution. Chinese companies are getting into the market here, and they're providing very cheap solutions.

We have been providing network and solution integration services since 2012.

It is a stable solution. It is the best one in the world. I am not considering any other solutions.

It is scalable.

Their technical support is very good. The feedback that I have received from the customers for the tickets that they opened is that they are satisfied with the service.

It is easy to deploy. It can be implemented in less than 10 days, but complex projects with ISO2007 and 001 compliance requirements can take more than a year.

From our side, there are only two engineers. One is the main engineer and the other one is the backup engineer. 

It is being used by only three users. Two are from the cyber information security team and one is from the network security team.

Its price is high for Libya. The companies here in Libya don't have the awareness of and a good budget for cybersecurity services. If you want them to go for a product, you need to provide something different. This differentiation is related to the price. They should give about 40% to 45% discount per person on the current cost. From our side, we provide the demo and show it as a very good and valuable solution, but when it comes to the price, some companies don't want to own the tool. They prefer to go for it as a service. There are a few companies that are providing it as a service where they own the tool, but they provide it as a service, which is cheaper than a customer owning the product. We strongly recommended that customers own the product and use it. 

I strongly recommend to customers to go for a three-year license to use it, benefit from it, and be comfortable with it. In Libya, we are facing a problem related to the timelines and delays of projects. If they go for just a one-year license and the project gets delayed by six months, they will have only six months to use it.

It is a very good and useful tool. I would rate it a nine out of ten.

We are using the product for CIS benchmarking on our systems.

Our primary use case is basically understanding whether our systems are compliant with the CIS benchmarks in terms of system hardening. What Tenable Nessus does is it can run a scan on the systems and it gives us a report in terms of what properties or settings on the systems are in compliance and what are not in compliance. Then we can review that and go back and improve the systems in terms of those settings.

What I like about it is the fact that it can figure out what changes we need to make on our systems to ensure that they're hardened properly.

The initial setup is not difficult. 

Once you get past the initial implementation, the solution is very stable. 

It's scalable. 

So far, it has been fulfilling the requirements. From that perspective, there is not a lot that I would want to improve in the features that we are using it.

They could make their reporting a little better. Maybe they could do some more integrations with certain other tools to extend it or make the reporting better in the sense that it could probably generate some alerts or something of that sort. It could do some real-time reporting. If there are any policies that are changing or getting violated, they could probably generate some alerts, which could involve the on-call on my side so that I could take immediate action. That could probably be one thing that they could introduce.

We've used the solution for about a year now. It hasn't been that long. 

Initially, we had some issues. Initially, we were not very confident about how to configure certain things. Once we had integrated and deployed the product, we needed a few support calls to fix the system properly in our environment and since then it has been smooth, I would say. The stability is now good.

The solution can scale. 

We have very few users. It's basically based on the number of systems that we need to install it on in terms of scaling. That's something that probably is more than the number of users who actually access the system. It's largely used by the security team.

We do have plans to increase the usage of Tenable Nessus organically. As the number of systems that we use is dynamic in nature, it likely will keep going up and down over time.

We've dealt with technical support on and off I would say. We keep talking to the technical support at times to get some insights on any new features that are coming in or in terms of how to use a certain feature that we are probably trying to introduce or something of that sort.

We were not using any other products before this.

For the initial setup, I need to deploy an agent on my systems. It's pretty straightforward. It's not very difficult.

I'm not really sure about how long it took, however, my understanding is it didn't take too long for our system. It was maybe a few minutes per system or maybe half an hour per system. Not more than that.

We did not use a consultant or any integrator for the deployment. We did it in-house. 

There were a couple of people on my team who were able to set it up for us.

I'm not aware of the licensing cost.

I'd recommend the product to others. If a company wants to use it for system analysis as part of the benchmarking of the systems or if a company wants to do security benchmarking, they can use this. They should be able to use the tool.

I'd rate the solution eight out of ten. 

Tenable Nessus can be deployed on-premise and in the cloud.

Tenable Nessus is a vulnerability scanner to find vulnerabilities. The solution finds the vulnerabilities in our environment and then we send those vulnerabilities that are found out to the SMEs to be fixed.

Tenable Nessus allows us to keep up on fixing the vulnerabilities that are either being exploited in the wild or the ones that we find most critical.

The most valuable feature of Tenable Nessus is vulnerability detection.

Tenable Nessus could improve reporting and information sharing. It would be helpful if we could share the reports and have a little bit better flexibility in the reporting of the data.

In the next release, they should add some more integration with other security solutions that would be helpful.

I have used Tenable Nessus for approximately 10 years.

The stability of Tenable Nessus is very good.

Tenable Nessus is highly scalable.

We have a couple of administrators and vulnerability analysts who run scans, and read-only accounts for the SMEs who fix vulnerabilities, and an executive role for management to view the data.

We use Tenable Nessus extensively, we have scheduled jobs running all the time. We do scans on all the systems on our network, and we are always making tweaks.

I rate the support of Tenable Nessus a four out of five.

I have not used another solution previously to Tenable Nessus.

For our deployment of Tenable Nessus, there are elements of complexity. However, the complexity depends on the use case. The solution is not that difficult to implement, the complexity comes from the many things that are involved. You do not need to be an expert there are many parts that need to be set up.

We had Linux servers built and the Tenable Nessus software was installed on top of that. It was relatively simple as far as that goes.

I rate the ease of setup of Tenable Nessus a three out of five.

We did the implementation in-house.

We have two administrators and one SME that does the supporting of Tenable Nessus.

It is difficult to show or rate ROI from a security standpoint, it is similar to having car insurance. When there are vulnerabilities out there, we can quickly look because we're scanning all the time at what our vulnerabilities are. Tenable Nessus is used for keeping our infrastructure safe.

Tenable Nessus needs to be licensed. We own a license for the security center and that license is charged by the number of IP addresses that you can scan. You're allowed to have as many scanners as you want and there's no license for the number of scanners. We have a bunch of Nessus scanners out there, and as long as we're comfortable with staying under that IP address limit, that's really all we have to be concerned about.

We pay a monthly maintenance fee, which is reoccurring.

We did evaluate other solutions before choosing Tenable Nessus, such as Rapid7. We choose Tenable Nessus because it was used by more customers and it seemed at the time to be more straightforward.

Security is complicated a subject. There's a lot involved in Tenable Nessus, but the solution is easy to run and manage and we have had a lot of good success with it.

I rate Tenable Nessus a nine out of ten.

We are using Nessus Pro. Our operational security team is using it at the moment. It is being used in a couple of ways. In one instance, it is being used purely to scan the internal infrastructure. In the second instance, we're using it to scan the entire network range, including all endpoints. In the third instance, we're using it to do PCI DSS compliance scanning.

It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal.

The interface is a little bit clunky, and the reporting is not marvelous. There should be better integration of reporting between instances. Currently, the instance stands alone, and it produces a report. Being able to amalgamate those reports with another instance will be useful.

It has never let us down from a stability point of view.

It is really scalable. It is great.

We have six people who are actually interacting with the tool itself, but obviously, it has been deployed against thousands of endpoints. There are three different roles of those six users.

They are very good. Their formal support and the wider community support are excellent.

We've used Rapid7 in the past. We switched because of the value for money and the fact that it feeds into the Tenable.io platform, which is where we ultimately want to be.

It was straightforward and fast. It literally took a morning.

It was done in-house. For its deployment and maintenance, there is just one person. He is an information security analyst.

Its pricing is great and can't be improved. It is very cheap. It is less than 2,000 pounds a license, and you can't really ask for more.

It has unlimited IPs and unlimited scans. There are no particular pricing constraints. The only additional cost is the inherent cost of the people to actually review the actual scans.

My advice to people who are looking into implementing this product would be to just go ahead and do it. Don't be frightened about it. It is great. It does exactly what you'd expect it to do. You can use it as a stepping stone to the other Tenable products.

I would rate it a nine out of 10. It is a lovely product. It just does what you need it to do, and lets you get on with your day.

We have clients, and we are a vendor. We have deployed Tenable Nessus users with the help of the Principal on the client's environment. I have experience with the deployment and the scanning.

The features I personally like include host discovery. For web servers, there are individual options available. There are many options that are useful to us.

Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it.

I haven't faced any issues as of now. It has been stable with no critical issues, technical issues, or downtimes.

The support has been really cooperative. Whenever any issue arises, we contact the support, and they are always there for us. The support is pretty good.

Positive

The deployment was done by the Tenable team, and I was part of this process.

I definitely recommend Tenable Nessus for network scanning and other tasks.

I'd rate the solution eight out of ten.

The solution is used to check vulnerabilities.

The product has good features. It gives us a view of the vulnerabilities like open ports and different issues with software. It is a mature tool.

The product must be more comprehensive. It must catch all the issues.

I have been using the solution for a few years.

I rate the tool’s stability a nine out of ten. The stability could be improved.

The tool is scalable. We have three users. We need a team to maintain the product.

The deployment can be done in-house.

I recommend the solution to others. I rate the solution a nine out of ten.

Tenable Nessus is used to perform process and network assessments and sometimes for reviews.

The most valuable features of Tenable Nessus are the scanning option. Advanced scanning is highly useful. The offline config audits and application assessments are useful.

The price and scalability of the solution could improve.

I have been using the solution for six years and seven months.

I rate the stability of Tenable Nessus a ten out of ten.

The scalability of Tenable Nessus has been scalable. I am able to scan a large number of IPs.

We have all our three security staff using the solution.

I have not contacted the support.

The initial setup of Tenable Nessus is easy. The deployment took approximately 4 hours for the policies and the setup was not long.

I rate the initial setup of Tenable Nessus a nine out of ten.

The price of the solution is reasonable.

I would recommend others use this solution.

I rate Tenable Nessus a nine out of ten.

We use Tenable Nessus to schedule test scans and work with the finding.

We have integrated Tenable Nessus with Splunk.

The most valuable feature of Tenable Nessus is the GUI and user-friendliness. Additionally, the environment is easy to work with.

I have been using Tenable Nessus for approximately one year.

Tenable Nessus is a stable solution.

I rate the stability of Tenable Nessus a ten out of ten.

The scalability of Tenable Nessus is good. However, it could be more flexible.

We have over 400 people using the solution. We plan to increase our usage, but it depends on the progress of the business.

I rate the scalability of Tenable Nessus an eight out of ten.

The support we have for Tenable Nessus is internal. The IT teams for Tenable Nessus are in the Czech Republic for us.

I have previously used Tenable IO.

The price of Tenable Nessus is too expensive for each service center.

I recommend Tenable Nessus because it's a good solution, works properly, is not complicated to administrate, is simple to manage, and is stable.

I rate Tenable Nessus a nine out of ten.