We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network equipment, and appliances in our infrastructure.
Nessus (BYOL)
Tenable, Inc.External reviews
321 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Tenable Nessus professional
What do you like best about the product?
Nessus has one of the largest libraries of vulnerability and configuration checks, covering a wide range of systems, devices, and applications.
Despite its comprehensive feature set, Nessus is known for its user-friendly interface, which can help users get up and running quickly.
Despite its comprehensive feature set, Nessus is known for its user-friendly interface, which can help users get up and running quickly.
What do you dislike about the product?
While Nessus is known for its comprehensive vulnerability scanning capabilities, it can sometimes produce false positives, which can lead to unnecessary work for security teams.
What problems is the product solving and how is that benefiting you?
Nessus provides comprehensive visibility into vulnerabilities across an organization's entire IT environment, which can help security teams prioritize remediation efforts and reduce risk.
Nessus is one of the powerful tool in scanning vulnerabilities.
What do you like best about the product?
The format of the report with vulnerabilities and it's associated CVE with a detailed explanation is really commendable.
What do you dislike about the product?
The limited availability of features in a free Nessus software.
What problems is the product solving and how is that benefiting you?
Unlike other scanning tools like nmap, nessus provides a detailed view of vulnerabilities with a risk score and methods to exploit. It also outlines the exact service where the vulnerability is found.
Best free to use vulnerability scanner
What do you like best about the product?
-Free to use
-Has community version where you can use Nessus for free to some extent
-Great user interface
-It also identifies miscofinguration in code
-Versatile tool
-Great dashboards and reporting mechanism
-Has community version where you can use Nessus for free to some extent
-Great user interface
-It also identifies miscofinguration in code
-Versatile tool
-Great dashboards and reporting mechanism
What do you dislike about the product?
-I have only used free community version and it has quite a few limitation with number of hosts and scans etc.
What problems is the product solving and how is that benefiting you?
I have used Nessus in past for red teaming and penitration testing puposes in past. it really helps in discovering vulnerabilities at early stage. It also provides detailed vulnerability analysis and reports which can be used be for pathcing the same. It has very clean dashboard that makes it very easy to present the current status of vulenrability to the management,
Helps to conduct monthly scans and open tickets for developers to address identified vulnerabilities
What is our primary use case?
What needs improvement?
One significant drawback we encounter is the tool's tendency to flag patched packages incorrectly. For instance, if a package is patched by Debian maintainers but not updated to a major or minor version, Nessus may still flag it as vulnerable based on its database. This discrepancy leads to false alarms and requires our developers, system admins, and DevOps teams to address them.
It would be beneficial if it could handle minor additions to versions similar to how Debian manages its patches. This feature would allow it to differentiate between patched and non-patched versions.
For how long have I used the solution?
I have been using the product for ten years.
What do I think about the stability of the solution?
Tenable Nessus is very stable. We encountered some issues with scanning certain network equipment but resolved them by adjusting the parameters. Our main focus is scanning our servers; we haven't experienced any significant problems with that process.
What do I think about the scalability of the solution?
My company has three users.
How are customer service and support?
We haven't contacted Tenable Nessus for assistance or questions because we haven't encountered any serious issues, and we are generally satisfied with the product.
Which solution did I use previously and why did I switch?
We chose Tenable Nessus because we primarily rely on open-source products as a publicly funded institution. About ten years ago, we conducted research to determine the best option, and at that time, it stood out as the preferred choice.
How was the initial setup?
Tenable Nessus' deployment is straightforward.
What's my experience with pricing, setup cost, and licensing?
The product is free.
What other advice do I have?
I rate the overall product a nine out of ten.
Great vulnerability scanning tool, found very useful
What do you like best about the product?
Its accuracy is really high while scanning for vulnerabilities. along with this it has large supported plugins for extend coverage.
What do you dislike about the product?
It can deep dive for product like Zscaler or Netskope
What problems is the product solving and how is that benefiting you?
it is helping to scan vulnerability in my hybrid environment. also this is integrayed with HCL BigFix.
A scalable and mature solution that has excellent features and provides visibility into vulnerabilities in the environment
What is our primary use case?
The solution is used to check vulnerabilities.
What is most valuable?
The product has good features. It gives us a view of the vulnerabilities like open ports and different issues with software. It is a mature tool.
What needs improvement?
The product must be more comprehensive. It must catch all the issues.
For how long have I used the solution?
I have been using the solution for a few years.
What do I think about the stability of the solution?
I rate the tool’s stability a nine out of ten. The stability could be improved.
What do I think about the scalability of the solution?
The tool is scalable. We have three users. We need a team to maintain the product.
What about the implementation team?
The deployment can be done in-house.
What other advice do I have?
I recommend the solution to others. I rate the solution a nine out of ten.
"Nessus review - One of the best tool for on-prem VM"
What do you like best about the product?
I think Nessus is a best and versatile vulnerability assessment tool that helps organizations to manage their security risks. With comprehensive coverage, advanced scanning techniques, it provides accurate vulnerability detection.
What do you dislike about the product?
Nessus in the Pro version is limited to one user. Not follow up or comparison between latest scan and recent."
What problems is the product solving and how is that benefiting you?
We are using Nessus for On-Prem Vulnerability management it fulfills our requirements.
One stop solution for Vulnerability Detection and Management
What do you like best about the product?
1. Detection capabilities are quite good in comparison to number of other similar solutions.
2. Easy to navigate and use GUI.
3. Most important, their plugin repo is always to the mark and updated, which help detects critical vulnerability without significant delays.
2. Easy to navigate and use GUI.
3. Most important, their plugin repo is always to the mark and updated, which help detects critical vulnerability without significant delays.
What do you dislike about the product?
1. Nothing as such to complain of, as the major purpose is being handled in very efficient way, though scan time and results sometimes remain inconsistent.
What problems is the product solving and how is that benefiting you?
Detecting vulnerabilties(network based or system based) across organisation and help us indetify potential backdoor/loopwholes in the environment, patvhing them on time help us save from malicious adversaries.
Leading and best vulnerability scanning tool
What do you like best about the product?
1. Tenable Nessus is always up-to-date with the vulnerabilities database which scans for all the latest vulnerabilities.
2. They provide decent customer support.
3. It solves the implementation in 2 ways - agent-based and credentials-based.
4. It provides an interactive and nice GUI as well along with easy integration with other tools.
2. They provide decent customer support.
3. It solves the implementation in 2 ways - agent-based and credentials-based.
4. It provides an interactive and nice GUI as well along with easy integration with other tools.
What do you dislike about the product?
It cannot pull asset tags itself. We need to set up a whole different automation to ingest custom asset tags into Tenable nessus.
What problems is the product solving and how is that benefiting you?
It is solving a great organizational problem of vulnerabilities on the hosts and applications on it by reducing the attack surface for the attacker with scheduled scans, custom scan template and extensive vulnerability database.
Provides good scalability, but there could be more learning documentation
What is our primary use case?
We use Tenable Nessus for asset and vulnerability management.
What is most valuable?
The product's most valuable features are vulnerability and asset management. It can define the rules and validate the configuration.
What needs improvement?
There could be an integration between Tenable Nessus and other Tenable products. It will help us manage all the solutions using one dashboard. Additionally, they should include more learning material to know about the product.
For how long have I used the solution?
We have been using Tenable Nessus for one year.
What do I think about the stability of the solution?
The product has good stability.
What do I think about the scalability of the solution?
We have more than 50 Tenable Nessus users in our organization. It is a scalable platform.
How was the initial setup?
Tenable Nessus is easy to deploy and manage.
What other advice do I have?
I recommend Tenable Nessus to others and rate it a seven out of ten.
showing 41 - 50