We do infrastructure audits in the state, and we have a lot of organizations and customers for which we do security assessments.
Nessus (BYOL)
Tenable, Inc.
External reviews
External reviews are not included in the AWS star rating for the product.
Tenable is a must for Vulnerability Scanning
One of the best vulnerability scanners on the market
Discovers all the assets and identifies existing vulnerabilities
What is our primary use case?
How has it helped my organization?
Nessus assists you to complete the job in a shorter period of time. It discovers all the assets and identifies existing vulnerabilities in the environment.
You can then direct your team to create a report on the discovered vulnerabilities. Basically, you can use Tenable to shorten the activity and get faster results.
What needs improvement?
Tenable Nessus could include a broader range of IT assets. Nowadays, IT is not limited to laptops and desktops. It can be any environment in the organization, such as iOS or Android mobile phones.
Apart from that, organizations use APIs and specific tools. We would like Tenable to cover every aspect of IT infrastructure, not just generic systems like laptops, desktops, switches, or servers. It should include every kind of device, like Raspberry Pi. This small chunk of devices acts as sensors in several organizations.
We would like to be able to scan every device in the network, and the solution should present vulnerabilities within their system.
For how long have I used the solution?
I've been working with it for ten years.
What do I think about the stability of the solution?
Tenable is a stable solution. I would rate the stability a ten out of ten.
What do I think about the scalability of the solution?
Tenable's scalability is good. I would rate the scalability a seven out of ten.
How are customer service and support?
We have no issues with support.
Which solution did I use previously and why did I switch?
We had used some open-source solutions previously.
We made a switch to Tenable Nessus because of the vulnerability coverage. It has a huge scope.
How was the initial setup?
Nessus is quite easy. It is quite easy to deploy and quite easy for my team to use this software for vulnerability scanning. So it is very easy.
I would rate my experience with the initial setup a nine out of ten, with ten being easy.
It took one to two hours.
What about the implementation team?
We do this in-house. We, ourselves, deployed this solution.
Sometimes we take assistance from the OEM or the reseller, but generally, we make it an in-house activity.
What was our ROI?
There is an ROI in terms of cost savings, time savings, and more.
What's my experience with pricing, setup cost, and licensing?
We have one user license at present. The price is okay. I would give it a seven out of ten, where one is cheap and ten is expensive.
What other advice do I have?
I would recommend it to others. It's a good solution. Overall, I would rate it an eight out of ten. In every aspect, it is good.
Automates scanning process, enhancing the ability to monitor the security landscape continuously
How has it helped my organization?
The platform is essential for vulnerability management tasks and integrates with various data management applications.
What needs improvement?
The product could have unique features similar to Qualys.
For how long have I used the solution?
We have been using Tenable Nessus for about a year to a year and a half. We are using the latest version to ensure access to all the latest features.
Which solution did I use previously and why did I switch?
While Tenable offers a robust solution, the main competitor, Qualys, has some unique features. However, Tenable has a larger market share, indicating that it has undergone extensive testing and development based on customer feedback.
How was the initial setup?
The complexity of deploying Nessus largely depends on the customer's operational environment. If the environment has diverse systems, implementation may be more complex, while a more uniform system allows for easier setup.
The timeline for implementation could range from one week to several months based on these factors.
What's my experience with pricing, setup cost, and licensing?
The product pricing is dynamic and varies based on the specific needs of each project and customer.
Discounts can be offered based on competition and project requirements, making it a relative cost depending on the context.
What other advice do I have?
The solution automates vulnerability checks, which is crucial for our customers who cannot dedicate a team to monitor security issues constantly. It notifies us of vulnerabilities as they arise, allowing us to respond quickly without manual intervention.
It automates the scanning process, allowing us to schedule regular scans, generate reports, and receive notifications about critical vulnerabilities via email. It enhances our ability to monitor the security landscape continuously.
Overall, I rate it a nine out of ten.
Tenable Nessus professional
Despite its comprehensive feature set, Nessus is known for its user-friendly interface, which can help users get up and running quickly.
Nessus is one of the powerful tools for scanning vulnerabilities.
Best free-to-use vulnerability scanner
- Has a community version where you can use Nessus for free to some extent
- Great user interface
- It also identifies misconfiguration in code
- Versatile tool
- Great dashboards and reporting mechanism
Helps to conduct monthly scans and open tickets for developers to address identified vulnerabilities
What is our primary use case?
We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.
What needs improvement?
One significant drawback we encounter is the tool's tendency to flag patched packages incorrectly. For instance, if a package is patched by Debian maintainers but not updated to a major or minor version, Nessus may still flag it as vulnerable based on its database. This discrepancy leads to false alarms and requires our developers, system admins, and DevOps teams to address them.
It would be beneficial if it could handle minor additions to versions similar to how Debian manages its patches. This feature would allow it to differentiate between patched and non-patched versions.
For how long have I used the solution?
I have been using the product for ten years.
What do I think about the stability of the solution?
Tenable Nessus is very stable. We encountered some issues with scanning certain network equipment but resolved them by adjusting the parameters. Our main focus is scanning our servers; we haven't experienced any significant problems with that process.
What do I think about the scalability of the solution?
My company has three users.
How are customer service and support?
We haven't contacted Tenable Nessus for assistance or questions because we haven't encountered any serious issues, and we are generally satisfied with the product.
Which solution did I use previously and why did I switch?
We chose Tenable Nessus because we primarily rely on open-source products as a publicly funded institution. About ten years ago, we conducted research to determine the best option, and at that time, it stood out as the preferred choice.
How was the initial setup?
Tenable Nessus' deployment is straightforward.
What's my experience with pricing, setup cost, and licensing?
The product is free.
What other advice do I have?
I rate the overall product a nine out of ten.
A scalable and mature solution that has excellent features and provides visibility into vulnerabilities in the environment
What is our primary use case?
The solution is used to check vulnerabilities.
What is most valuable?
The product has good features. It gives us a view of the vulnerabilities like open ports and different issues with software. It is a mature tool.
What needs improvement?
The product must be more comprehensive. It must catch all the issues.
For how long have I used the solution?
I have been using the solution for a few years.
What do I think about the stability of the solution?
I rate the tool’s stability a nine out of ten. The stability could be improved.
What do I think about the scalability of the solution?
The tool is scalable. We have three users. We need a team to maintain the product.
What about the implementation team?
The deployment can be done in-house.
What other advice do I have?
I recommend the solution to others. I rate the solution a nine out of ten.