Tenable Nessus Reviews

We have clients, and we are a vendor. We have deployed Tenable Nessus users with the help of the Principal on the client's environment. I have experience with the deployment and the scanning.

The features I personally like include host discovery. For web servers, there are individual options available. There are many options that are useful to us.

Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it.

I haven't faced any issues as of now. It has been stable with no critical issues, technical issues, or downtimes.

The support has been really cooperative. Whenever any issue arises, we contact the support, and they are always there for us. The support is pretty good.

Positive

The deployment was done by the Tenable team, and I was part of this process.

I definitely recommend Tenable Nessus for network scanning and other tasks.

I'd rate the solution eight out of ten.

Tenable Nessus is vulnerability management software. We install Nessus scanners on all our workstations and laptops. It runs scans to check for outdated software and vulnerabilities. At the beginning of each month, I send notes out to the admins about what needs to be updated, and I check at the end of the month to make sure it's done. 

Nessus helps us keep our software up to date to avoid security vulnerabilities. It's a good tool for auditing our vulnerability management. 

My favorite part about Nessus is that you can customize the tool to scan exactly what you want. Microsoft releases new patches monthly on Patch Tuesday, and a lot of companies track that date. I set up Nessus for the day after Patch Tuesday to see which devices have already pushed those updates from Microsoft, so we can stay updated. 

Tenable stays on top of new IT trends in vulnerability management because there's constant innovation. They keep up with the industry. In the past few years, everything has shifted to cloud-based servers. It's a long-term trend that COVID accelerated. Tenable came out with a tool for that. 

Nessus  is pretty stable if you have a disaster recovery plan in place. We've never had an outage. The stability depends on the servers where it is running. 

You can scale Nessus to the extent that you can afford it. You need to have a license for every device you scan. As long as you can afford the increased costs, you won't have a problem scaling it.

I rate Tenable support 10 out of 10. They're top-of-the-line.  It's the best support I've worked with so far. 

Positive

I rate Tenable Nessus nine out of 10. I recommend creating a Tenable Community account. Tenable uses that for support, but they also have a massive library of training videos that they call Tenable University. You can also access the Tenable Community forums where experts and general users can share information and ask questions. 

We are using Nessus Pro. Our operational security team is using it at the moment. It is being used in a couple of ways. In one instance, it is being used purely to scan the internal infrastructure. In the second instance, we're using it to scan the entire network range, including all endpoints. In the third instance, we're using it to do PCI DSS compliance scanning.

It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal.

The interface is a little bit clunky, and the reporting is not marvelous. There should be better integration of reporting between instances. Currently, the instance stands alone, and it produces a report. Being able to amalgamate those reports with another instance will be useful.

It has never let us down from a stability point of view.

It is really scalable. It is great.

We have six people who are actually interacting with the tool itself, but obviously, it has been deployed against thousands of endpoints. There are three different roles of those six users.

They are very good. Their formal support and the wider community support are excellent.

We've used Rapid7 in the past. We switched because of the value for money and the fact that it feeds into the Tenable.io platform, which is where we ultimately want to be.

It was straightforward and fast. It literally took a morning.

It was done in-house. For its deployment and maintenance, there is just one person. He is an information security analyst.

Its pricing is great and can't be improved. It is very cheap. It is less than 2,000 pounds a license, and you can't really ask for more.

It has unlimited IPs and unlimited scans. There are no particular pricing constraints. The only additional cost is the inherent cost of the people to actually review the actual scans.

My advice to people who are looking into implementing this product would be to just go ahead and do it. Don't be frightened about it. It is great. It does exactly what you'd expect it to do. You can use it as a stepping stone to the other Tenable products.

I would rate it a nine out of 10. It is a lovely product. It just does what you need it to do, and lets you get on with your day.

I use Tenable Nessus for vulnerability assessment so that you can scan for CVEs and existing CVEs. Tenable Nessus will show you the latest update on those vulnerabilities and where it needs patches, so it goes hand in hand with patch management. As soon as you scan, you can see whether it needs patching, and if needed, you can go ahead and deploy patch management to address the current issue.

The most valuable features of the solution are the policy and the active scan. The features are different for Tenable Security Center since it is more on an on-premises model. The solution also has features like Tenable.io and Tenable Web App Scanning.

I wouldn't want to change anything about Tenable Nessus since I haven't found or run into any issues in Tenable Nessus.

I like Tenable since I find everything related to the solution simplified and easy to use. You can approach the online community of Tenable when you run into a problem, and there is a bunch of information available there that you can gather and use for troubleshooting purposes.

I faced some problems with Tenable Nessus when dealing with some of our company's customers in China. The problems I faced with Tenable Nessus were related to its dashboard's customization capabilities and its ability to provide data to third-party sources. The solution should offer simplified data-sharing capabilities. Though we have the dashboards and can customize them, the options for customization are available in the templates provided by Tenable Nessus. It might not be possible with Tenable Nessus to add every component a person wants to a single dashboard since they can only choose whatever is available on the templates provided by Tenable Nessus. The aforementioned areas can be considered for improvement in the solution.

I have been using Tenable Nessus for two months. My company operates as a reseller of the product while also having a partnership with the solution.

Stability-wise, I rate the solution an eight out of ten.

Scalability-wise, I rate the solution an eight out of ten.

Around 90 percent of our company's customers work with Tenable Nessus.

For the solution's technical support, our company directly seeks help from the solution's vendor in Vietnam or Singapore, who are very responsive. I rate the technical support an eight out of ten.

Positive

The initial setup of Tenable Nessus is very easy. You can get the application's installation file and implement it faster than ManageEngine, making it a simple process. I rate the initial setup of Tenable Nessus a nine out of ten.

The solution is deployed on an on-premises model.

With Tenable Nessus, you have a file, and you just need to install it. In the on-premises model of the solution, you have a dashboard or console that you go to, which is like an internal website that you have set up so that you can get access to the on-premises version of the product.

I rate the product's price seven or eight on a scale of one to ten, where one is low price and ten is high price.

Tenable Nessus is a great tool. I believe everyone should be using Tenable Nessus since it is a tool that can be used for vulnerability assessment when companies face some vulnerabilities to find security holes or threats.

I rate the overall solution a nine out of ten.

We use Tenable Nessus for vulnerability scanning.

The results are not that bad, but the key selling point is that it is an affordable tool set.

It is a very easy tool to use.

We are happy with the existing features.

We are happy with the functionality, and what we get from the tool.

I am not sure. I see they have released new products that we haven't yet evaluated. I believe the new products are the opportunity for improvement that they are bringing to market. But for the time being,

They have added a new Tenable Nessus Expert. That is their new product, which caters to the cloud and everything else. 

I am assuming that the new features and product enhancements are based on that tool set, but we haven't reviewed it yet.

I have been working with Tenable Nessus for 10 years.

It's a proper toolkit, it goes a long way with us.

We are working with the latest version.

Tenable Nessus is very stable. 

I would rate the stability of this solution a five out of five.

Tenable Nessus is a scalable solution, I would rate the scalability a five out of five.

It is based on the number of endpoints. We have 1,500 endpoints in our company.

We can contact technical support using their web console. We can log a support ticket as end users, although we seldom use this feature.

I would rate their technical support a five out of five.

Positive

We are also working with Rapid7 InsightVM.

It is not as good as Rapid7 from our perspective, but it is part of our toolbox arsenal. As a result, we have it on board and solely use it internally.

It is very easy to deploy.

This solution was deployed in 30 minutes, or less. It is very easy. It is straightforward, and out of the box.

The deployment was completed in-house. We did it ourselves.

We only need one engineer to deploy and maintain this solution.

I would rate the return on investment a five out of five.

Cost-wise, it's an affordable tool.

Licensing fees are paid annually.

I would rate the licensing cost a five out of five.

I would rate Tenable Nessus a ten out of ten.

We are using Tenable Nessus for vulnerability management. Not exactly the management, but we perform vulnerability assessments mostly for internal networks. Additionally, we use Acunetix and it comes into play for the web application.

The most valuable feature of Tenable Nessus is vulnerability assessments. There are a lot of threats around the world and this solution is the first to come out with detection rules.

Tenable Nessus could improve the reporting by adding some dashboards. The reports are a hassle at this time. Tenable.io has more detailed reports. Having a better dashboard that can show where the vulnerabilities are and be categorized would be helpful. We then could present them to upper management for a deep overview of our network posture which they do not see.

I have been using Tenable Nessus for approximately seven years.

Tenable Nessus is stable.

Tenable Nessus is scalable, it can scale up and down.

We have five or six people using this solution occasionally. We have monthly schedules for scanning, the solution is not used daily.

The support of Tenable Nessus is responsive and helpful.

I rate the support from Tenable Nessus a five out of five.

Positive

I have previously used Acunetix and they are more focused on web applications instead of vulnerability assessments. Tenable Nessus lacks in this area, they should focus more on the web applications side.

The initial setup of Tenable Nessus is straightforward. There is helpful documentation that is provided.

I rate the setup of Tenable Nessus a five out of five.

We did the implementation of the solution in-house.

When comparing the price of Tenable Nessus to other similar solutions, such as Acunetix, Tenable Nessus is not as expensive. It is averagely priced in the market. We pay for the solution annually.

My advice to others wanting to implement this solution is they need to understand what will be scanned. For example, if they are using internal servers or something similar, and is it on the cloud, or web applications, this is something they need to know. It's a good idea to evaluate these things on their end before choosing to use the solution. This solution focuses more on the servers or the network security side. Acunetix focuses more on the web application side. This is where the buyer has to evaluate and know their use case.

I rate Tenable Nessus a nine out of ten.

We are using it to find out the vulnerabilities in our critical servers and to patch them.

We are using the latest version.

Tenable Nessus is good. It's the best vulnerability solution in the industry. Most organizations are using it.

In terms of what could be improved, I would say that the reporting feature needs to be improved.

Additionally, although it has the features, the enterprise edition is very limited. They need to add multiple reporting features in the enterprise edition.

I have been using Tenable Nessus for the last two years.

It is a stable product.

Tenable Nessus is a vulnerability product. We have two to three users who are running it, but in terms of the end devices, because it's intended for vulnerabilities scanning and you have to scan your end devices, we have around hundred devices who are scanning with it.

It is a scalable solution.

We contacted support for some scenarios, like upgrades, new security patches, and for some customized reports.

We were satisfied with the speed of the answers. It is good support.

The initial setup is very easy.

Anyone can deploy it, even the managers, the technical teams, the engineers.

I think it took five minutes.

We installed with the help of a consultant. You can do it one time and then you will learn it very easily.

We have an annual subscription.

We also evaluated the Rapid7 Nexpose product, but it has a limitation that it supports 128 users then you have to buy another 128, but with  the Tenable Nessus enterprise edition, you have unlimited licenses to scan the device.

I would recommend Tenable Nessus.

On a scale of one to ten, I would rate it an eight.

We usually use the solution for infrastructure level and web application scanning, although mostly for the former. This is what we are doing at present. We were using the web application portion of Tenable Nessus for several months before switching to Veracode. 

A valuable feature of the solution is that it is easy to understand. When it comes to running a scan, the scanning mechanism is also easy, and it is quite fast compared to Veracode and Qualys.

The solution should have a more in-depth level of scanning, with features to meet the developers. Other points that should be addressed involve the understanding of issues by the users and the need for improvising the reporting structure. The reports should also be more attractive and user-friendly.

This is how Tenable Nessus occasionally works when drawing up something on the field.

Additional features I wish to see addressed in the next release include customer support and ease of  understanding of vulnerabilities and how they can be fixed.

In contrast to Tenable Nessus, we have found Veracode to be more user-friendly, with a greater in-depth understanding of the details and how things can be fixed. Other points in its favor include study cases, customer support, training and e-learning. 

The solution is sort of down the mid range, so we are more happy with Veracode.

We have made use of Tenable Nessus over the past 12 months, and started doing so a couple of months before we got Veracode.

The solution is reliable and has good stability. 

We have been in the web, so we have not tried to expand the solution.

We feel the solution's technical support to be very bad.

While we do receive a response upon creating a ticket, it is not like that of Qualys or Veracode. That extensive support is not there.

The initial setup was straightforward.

We deployed under the release plan of 8.11.

We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level.

There are at least ten people in our organization making use of the solution. 

Tenable Nessus is an appropriate solution for a small scale company, one with budgeting constraints and no complexities within the organization. It not that user-friendly.

I would rate Tenable Nessus as a seven out of ten.