Automated scans and reports streamline risk security checks while interface navigation could improve
What is our primary use case?
I want to upgrade Tenable Nessus because I don't have a license, but I worked with it before. It was only for one month. We just don't have a license, but I worked for two years with this product.
I have worked with Tenable Nessus in the last month.
I used Tenable Nessus in government.
How has it helped my organization?
I see improvements in incident response times with Tenable Nessus. We have two ways to monitor: we can look online in real-time with system or page links, and when there is an issue, they write a report in email for me. When the system has an issue that somebody has found, Tenable Nessus alerts me via email.
The value that Tenable Nessus brings to my company is significant because we can see risks. It is also good to see the pages risk and system risks. It saves money.
What is most valuable?
Tenable Nessus allows me to set up automated scans and they do everything automatically. They also generate reports automatically for me.
I have used the Configuration Auditing feature of Tenable Nessus, which helps me by identifying security gaps. I found issues such as needed upgrades for the operating system and other things.
The integration capabilities of Tenable Nessus with my security ecosystem are friendly. It needs to be configured with a virtual machine and on-premise installation.
What needs improvement?
I face issues with Tenable Nessus sometimes due to upgrades. We must do system upgrades, and we have some issues with printing. We don't have the last updates.
Regarding improvements for Tenable Nessus, I think this tool has everything. The interface could be improved, particularly when moving between systems. It would be better to have buttons or tabs for navigating between different networks, as currently it requires multiple steps.
For how long have I used the solution?
I have worked with Tenable Nessus in the last month.
How are customer service and support?
I consulted with support about half a year ago. They connected through TeamViewer and helped me resolve the problem.
How was the initial setup?
Setting up Tenable Nessus is easy. It took about three hours to deploy Tenable Nessus, with approximately 30 minutes for downloading and another two hours for configuration and installation.
What other advice do I have?
I use Tenable Nessus on-premise because we have a special network, and we use it for on-premise because some systems cannot go online. I don't want external parties to know about these issues.
I scan with Tenable Nessus and get information about issues, then send it to IT people for confirmation and repair.
Tenable Nessus is a scalable solution for my environment. We had two users working with Tenable Nessus.
My rating for technical support is 10 out of 10.
I can recommend Tenable Nessus as an issue-finding tool.
I have not evaluated any other tools before working with Tenable Nessus for vulnerability management.
My overall rating for Tenable Nessus is 10 out of 10.
Experience exceeds expectations with seamless integration and ease of deployment
What is our primary use case?
The typical use case for
Tenable Nessus is mostly for the white-box scanner because
Tenable Nessus is a vulnerability assessment and vulnerability management tool. I use it for the white-box scanner, which operates inside the firewall, not the black box.
What is most valuable?
The best features of Tenable Nessus include its compatibility with other applications such as
SIEM and other apps, allowing Tenable Nessus to work smoothly with them. That's the best for Tenable Nessus, but for the speed of scanning, it falls behind
Rapid7 Metasploit.
The reporting feature in Tenable Nessus is very good, and it's easier to understand than Rapid7.
What needs improvement?
The most that Tenable Nessus could improve is its speed because they might have put a lot of effort into compatibility issues that downgrade the speed. The most they could improve is the scanning speed. Compared to the big three such as Qualys and
Metasploit, they are the worst.
For how long have I used the solution?
I have quite a lot of experience working with Tenable Nessus, more than 10 years.
What do I think about the stability of the solution?
Tenable Nessus is a stable solution; it is scalable and stable.
What do I think about the scalability of the solution?
Tenable Nessus is a scalable solution.
How are customer service and support?
Technical support for Tenable Nessus is very good. Based on my experience, their support deserves a rating of 8 or 9 out of 10.
What's my experience with pricing, setup cost, and licensing?
My experience with the pricing, setup cost, and licensing of Tenable Nessus is that the installation is somewhat easier, but preparing the product, such as the SKU and license options, is quite tricky. They have different options such as Tenable Base and other Tenable products, which must be chosen, and it can be complex, but the installation is easier than Rapid7.
What other advice do I have?
I work in ITSEC Asia as a Senior Security Consultant, and my email address is nuki@itsecasia.com.
On a scale of 1-10, I rate Tenable Nessus an 8.
as an industry standard software when it comes to vulnerability scanning.
What do you like best about the product?
detailed reporting, customizable export options.
What do you dislike about the product?
offline updates can be difficult and can be troublesome.
What problems is the product solving and how is that benefiting you?
providing clients with actionable vulnerability data.
Its great to use Nessus for vulnerability scan
What do you like best about the product?
It can be find mostly vulnerability for our devicess
What do you dislike about the product?
Tecnical support ticket create it can be a problem if you create one you can find a solution for pluging
What problems is the product solving and how is that benefiting you?
I am scanning vulverabilities of our devices and it can be helpfull for tacking them
Vulnerability assessment actions simplified through easy access and usability
What is our primary use case?
We use
Tenable Nessus for compliance and testing known vulnerabilities from a specific set of servers that we have knowledge of as existing. We seldom use it for inventory scans, as we use other solutions like App Reviews or Outpost Scan for that purpose.
What is most valuable?
The most valuable features of
Tenable Nessus include its ease of access and quick usability. We find it straightforward to use, which is beneficial for our compliance processes. While we primarily focus on results rather than creating reports, the tool's integration capabilities allow us to act on vulnerabilities, such as creating support tickets, even if the automation is not fully deployed.
What needs improvement?
The pricing point has increased significantly in recent years. The product's pricing has roughly tripled within the last couple of years, making us reconsider renewing the license for the scanner. There is also room for improvement in terms of assisted testing, such as retrieving asset lists, integrating with information, or using port flow data to automate the process for those without asset inventory management.
For how long have I used the solution?
I have been working with Tenable Nessus for over ten years.
What was my experience with deployment of the solution?
The deployment process is fairly straightforward.
What do I think about the stability of the solution?
I have no complaints about the stability of Tenable Nessus.
What do I think about the scalability of the solution?
Tenable Nessus is definitely scalable, especially for license formats designed for scalability. However, this question is not entirely applicable to my situation since we have not explored scalability in-depth.
How are customer service and support?
We have not needed to escalate support queries since we found the necessary information in manuals.
Which solution did I use previously and why did I switch?
We previously used ExtraHop for network monitoring but transitioned to different solutions such as Suricata, Zeek, and NetFlow analysis.
How was the initial setup?
The initial setup is absolutely simple and straightforward.
What's my experience with pricing, setup cost, and licensing?
The pricing for Tenable Nessus has increased significantly, tripling over the last few years. We have not renewed the separate scanner due to the high cost.
Which other solutions did I evaluate?
We evaluated Qualys, Outpost Scan, and Rapid7 as competitors in the market.
What other advice do I have?
I rate Tenable Nessus an eight. It is usable in any organization that needs a vulnerability assessment tool. However, the pricing increases have made us reconsider renewing it. The tool could benefit from features that allow for more automation and integration, especially in retrieving asset lists and port flow data. Overall, I give it a rating of 8 out of 10.
How Nessus helps in security audits
What do you like best about the product?
Nessus helps organizations during the auditing process by providing clear reports of the vulnerabilities as they are found during the scanning. The agent helps detect vulnerable software, misconfigured settings and other security-related issues like patches. It provides the alert along with a CVE score which helps to identify the criticality and impact of the vulnerability on the organization's security. It shows the vulnerability which really needs the attention of the security team and gives accurate scanning and provides the view that which vulnerabilities should be patched first. Nessus plugin contains the vulnerability information with the remediation action which brings easy for the security team to remediate the vulnerability easily.
What do you dislike about the product?
Sometimes when we are scanning the vulnerabilities in a large environment it takes time like 2-3 days to find all the vulnerabilities of the whole environment. The scanning requires downtime from the organization so that it does not affect the production environment as sometimes it brings high traffic which interrupts the production environment.
What problems is the product solving and how is that benefiting you?
This tool, Tenable Nessus, backs the organization on its way to strengthening its cybersecurity defenses through continuous network scanning for vulnerabilities, including zero-day threats and misconfigurations, such that timely remediation can be enacted to minimize the risk of a possible breach. It allows organizations to comply with various regulations/audits (e.g., PCI DSS, HIPAA) through automated audits and real-time reporting, thereby saving organizations from penalties and maintaining the trust of their stakeholders. Therefore, it gives organizations insight into present risk prioritization and integrates into IT workflows to optimize resource allocation, reduce operational overhead, and act as a constructive tool in an organization's long-term perspective to enhance security.
AL2 based AMI Image
this help us to deploy via Service Catalog.
that is very helpful.
but currently, AMI image is build based on AL2, not 2023.
AL2 is no longer supported after July 2025.
so we want Tenable to provide AL2023 based nessus AMI.
Tenable Nessus vulnerability manager
What do you like best about the product?
The platform is very intuitive, it is easy to operate without prior knowledge, and additionally, the reliability of the results obtained at the vulnerability level is very accurate. The reports are easy to interpret and generate high value for the company in decision-making.
What do you dislike about the product?
That the technology is still On-Premises and this leads to infrastructure expenses, which generates additional costs for the organization and depreciation of this used hardware.
What problems is the product solving and how is that benefiting you?
Identification of exploitable vulnerabilities, recognition of the infrastructure, and information for their mitigation.
Generation of managerial reports.
Provided increased visibility across the organization's servers
What is our primary use case?
Tenable Nessus's primary use case is scanning endpoints and servers for vulnerabilities, outdated patches, or services. I am using it to increase visibility and dive deep into systems.
The tool is particularly used for scanning Linux servers to check for vulnerabilities and unwanted patches or services.
How has it helped my organization?
Tenable Nessus has provided increased visibility across the organization's servers. It automates the process of checking for outdated features and services across multiple servers, which would be challenging to do manually. This solution helps in detecting vulnerabilities that could go unnoticed otherwise.
What is most valuable?
The scanning and reporting features are the most valuable aspects of Tenable Nessus. The solution also provides accurate mitigations and suggestions, which have been beneficial for vulnerability management.
What needs improvement?
The user interface of Tenable Nessus feels outdated and could be more user-friendly.
Additionally, the documentation is not well-organized, which can be confusing when searching for solutions or specific information related to Tenable Nessus Professional. The reporting feature could be improved by allowing users to create their own templates instead of relying on predefined ones.
For how long have I used the solution?
I have been working with Tenable Nessus for more than six months, closer to eight months, but less than a year.
What do I think about the stability of the solution?
The solution is stable. We have not encountered any issues with missing network items or errors in API and webhook interactions. Everything works as expected.
What do I think about the scalability of the solution?
Tenable Nessus is highly scalable. It efficiently handles increasing numbers of servers without limitations. Whether managing 50 servers today or 500 tomorrow, performance or capacity are not hindered.
How are customer service and support?
The technical support is good yet could improve in terms of response time. The feedback and reply times should be faster.
Which solution did I use previously and why did I switch?
Previously, we used a Fortinet solution that also scanned source code. We switched to Tenable Nessus as our source code scanning needs had been outsourced, and we found Nessus to be fast and effective, offering remediation and mitigation components.
How was the initial setup?
The installation was straightforward, with documentation guiding the process. The challenge was in configuring the server for full network access, which was not difficult but time-consuming.
What about the implementation team?
The deployment and maintenance were handled by two cybersecurity engineers.
What was our ROI?
The return on investment is significant, primarily because it enhances visibility in identifying potential threats and managing them efficiently.
What's my experience with pricing, setup cost, and licensing?
Tenable Nessus's pricing is adequate if it is fully utilized. The cost is justified by the value it brings in terms of features and performance.
Which other solutions did I evaluate?
We evaluated other vendors, likely smaller startups. I cannot recall their names as they were not as prominent.
What other advice do I have?
For those evaluating Tenable Nessus, it is beneficial for easy detection and mitigation of security vulnerabilities. It provides comprehensive mitigations and is less time-consuming with fast scanning capabilities.
I'd rate the solution eight out of ten.
Has individual options available for web servers
What is our primary use case?
We have clients, and we are a vendor. We have deployed Tenable Nessus users with the help of the Principal on the client's environment. I have experience with the deployment and the scanning.
What is most valuable?
The features I personally like include host discovery. For web servers, there are individual options available. There are many options that are useful to us.
What needs improvement?
Sometimes, the categorization for clients was tricky at first, however, they eventually got used to it.
What do I think about the stability of the solution?
I haven't faced any issues as of now. It has been stable with no critical issues, technical issues, or downtimes.
How are customer service and support?
The support has been really cooperative. Whenever any issue arises, we contact the support, and they are always there for us. The support is pretty good.
What about the implementation team?
The deployment was done by the Tenable team, and I was part of this process.
What other advice do I have?
I definitely recommend Tenable Nessus for network scanning and other tasks.
I'd rate the solution eight out of ten.
