We are using Tenable Nessus Professional. We are not using Security Center and other Tenable products. For penetration test suites, we are using Tenable Nessus solution for the first step of our penetration testing.
Nessus (BYOL)
Tenable, Inc.External reviews
321 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Robust and reliable vulnerability scanner for all needs
What do you like best about the product?
- Ease of Use: Neat and intuitive interface, and I got use to it pretty quickly;
- Frequency of use - It is easy and pleasent to use Nessus often without any hassle.
- Up-to-Date: There are regular updates keep the vulnerability database current, it is posible to update in offline environment as well.
- Comprehensive Reports: Detailed insights.
- Frequency of use - It is easy and pleasent to use Nessus often without any hassle.
- Up-to-Date: There are regular updates keep the vulnerability database current, it is posible to update in offline environment as well.
- Comprehensive Reports: Detailed insights.
What do you dislike about the product?
- Remeditaion recommendations: Could be sometimes more detailed but in generally works pretty grat
What problems is the product solving and how is that benefiting you?
Nessus identifies and categorizes vulnerabilities across our systems, helping us proactively secure against potential threats.
Automated scans reduce manual work and save our time.
Automated scans reduce manual work and save our time.
Comprehensive Security and Up-to-Date CVE Databases
What do you like best about the product?
I value its practical features, the current CVE databases, and the comprehensive security measures it offers.
What do you dislike about the product?
The disadvantages include the cost, the potential effect on system performance, and the requirement to manually apply patches.
What problems is the product solving and how is that benefiting you?
The vulnerability detection is highly efficient, and the availability of ready-made scan templates makes the process straightforward. Reports are clear, with well-defined risk classifications.
Customization and Ease of Integration that Surprise
What do you like best about the product?
The customization of each scan that I can perform in the tool. With daily use, it is possible to learn and see how the tool is easy to configure and integrate with some systems.
What do you dislike about the product?
The visibility is excellent and the customer support provided is very quick and completely helpful. As I use it every day, contacting support becomes increasingly simple.
What problems is the product solving and how is that benefiting you?
Tenable Nessus helps analyze the environment, check the attack surface, correct and mitigate failures in the environment.
Clean Interface and Simple Use.
What do you like best about the product?
Nessus is Simple and forward. The set up is easy enough for most people to complete. The user interface is clean and not bombarded with tons of bells and whistles that can sometimes be overwhelming.
What do you dislike about the product?
Only Downside can be the scan time, but that is also dependent on equipment and environment.
What problems is the product solving and how is that benefiting you?
Nessus helps me identify which assets need to be patched and allows me to easily rescan them after fixes have been applied. I can also pull a few reports
Reliable & Thorough Vulnerability Scanner – With a Few Quirks
What do you like best about the product?
Comprehensive vulnerability detection – Covers a wide range of known CVEs, misconfigurations, and compliance issues.
Low false positive rate – Findings are generally accurate, saving time on unnecessary triage.
Regular plugin updates – Constantly updated with new vulnerabilities and checks.
Flexible scan options – Supports credentialed, uncredentialed, web app, compliance, and custom scan policies.
Actionable remediation guidance – Reports often include step-by-step fixes and CVSS scoring.
Easy setup for standard scans – Basic scans are quick to configure and run.
Widely used and trusted – Well-established reputation in cybersecurity and vulnerability management.
Nessus supports / enables a variety of integrations, mostly via its APIs, export features, and plugins. Key categories include:
Low false positive rate – Findings are generally accurate, saving time on unnecessary triage.
Regular plugin updates – Constantly updated with new vulnerabilities and checks.
Flexible scan options – Supports credentialed, uncredentialed, web app, compliance, and custom scan policies.
Actionable remediation guidance – Reports often include step-by-step fixes and CVSS scoring.
Easy setup for standard scans – Basic scans are quick to configure and run.
Widely used and trusted – Well-established reputation in cybersecurity and vulnerability management.
Nessus supports / enables a variety of integrations, mostly via its APIs, export features, and plugins. Key categories include:
What do you dislike about the product?
Costs can scale quickly – Advanced features and larger environments often require premium licensing.
UI and reporting could be better – Custom reports and dashboard features are somewhat limited.
Steep learning curve for advanced use – Complex scans (e.g., with credentials or web app auth) require deeper technical knowledge.
Authenticated and web app scanning can be finicky – May need fine-tuning to work correctly with complex login flows.
Not ideal for full lifecycle VM – Lacks built-in asset management or long-term trend analysis unless integrated with Tenable.io or Tenable.sc.
Performance overhead on large networks – Can slow down scanning or miss things if not properly resourced.
UI and reporting could be better – Custom reports and dashboard features are somewhat limited.
Steep learning curve for advanced use – Complex scans (e.g., with credentials or web app auth) require deeper technical knowledge.
Authenticated and web app scanning can be finicky – May need fine-tuning to work correctly with complex login flows.
Not ideal for full lifecycle VM – Lacks built-in asset management or long-term trend analysis unless integrated with Tenable.io or Tenable.sc.
Performance overhead on large networks – Can slow down scanning or miss things if not properly resourced.
What problems is the product solving and how is that benefiting you?
The Problem Nessus Solves-
Unpatched Vulnerabilities
Misconfigurations
Compliance Gaps
Lack of Visibility into Network Assets
Manual Security Workflows
Benifits--
Reduced exposure to attacks by fixing vulnerabilities before they’re exploited.
Faster, more confident patching thanks to prioritized and verified vulnerability data.
Audit-ready reporting for security and compliance frameworks.
Improved collaboration between security and IT with actionable reports.
Better resource allocation by focusing on real risks, not just raw vulnerability counts.
Time savings through automation and integration with other tools.
Peace of mind — knowing that your environment is continuously being checked against the latest threats.
Unpatched Vulnerabilities
Misconfigurations
Compliance Gaps
Lack of Visibility into Network Assets
Manual Security Workflows
Benifits--
Reduced exposure to attacks by fixing vulnerabilities before they’re exploited.
Faster, more confident patching thanks to prioritized and verified vulnerability data.
Audit-ready reporting for security and compliance frameworks.
Improved collaboration between security and IT with actionable reports.
Better resource allocation by focusing on real risks, not just raw vulnerability counts.
Time savings through automation and integration with other tools.
Peace of mind — knowing that your environment is continuously being checked against the latest threats.
Audio clarity issues need addressing
What is our primary use case?
What is most valuable?
The solution provides time saving and cost saving benefits.
What needs improvement?
The integration part is not good because five years ago, Tenable Nessus had more integration capability. After that, Tenable changed their policies and strategy. They pushed users toward Security Center and disabled Tenable Nessus integration features.
This is Tenable's property. They want to sell Tenable Security Center, and they closed all the API capability for Tenable Nessus Professional. The Jira integration is good, but it does not make sense for Tenable because they want to sell Security Center, which is more expensive than Tenable Nessus.
For how long have I used the solution?
We have been using the solution for more than ten years.
What do I think about the stability of the solution?
The solution is not scalable but stable.
What do I think about the scalability of the solution?
The solution is not scalable but stable.
How are customer service and support?
I am not using Tenable support. I can usually fix all of the issues myself. I don't need support for Tenable Nessus.
What other advice do I have?
The solution is not perfect, but it is okay. I am both a customer and have a partnership with Tenable. Quick scan is good and sufficient for our needs. The solution is very easy to use. We are deploying it in our organization.
On a scale from one to ten, I rate Tenable Nessus a seven out of ten.
Automated scans and reports streamline risk security checks while interface navigation could improve
What is our primary use case?
I want to upgrade Tenable Nessus because I don't have a license, but I worked with it before. It was only for one month. We just don't have a license, but I worked for two years with this product.
I have worked with Tenable Nessus in the last month.
I used Tenable Nessus in government.
How has it helped my organization?
I see improvements in incident response times with Tenable Nessus. We have two ways to monitor: we can look online in real-time with system or page links, and when there is an issue, they write a report in email for me. When the system has an issue that somebody has found, Tenable Nessus alerts me via email.
The value that Tenable Nessus brings to my company is significant because we can see risks. It is also good to see the pages risk and system risks. It saves money.
What is most valuable?
Tenable Nessus allows me to set up automated scans and they do everything automatically. They also generate reports automatically for me.
I have used the Configuration Auditing feature of Tenable Nessus, which helps me by identifying security gaps. I found issues such as needed upgrades for the operating system and other things.
The integration capabilities of Tenable Nessus with my security ecosystem are friendly. It needs to be configured with a virtual machine and on-premise installation.
What needs improvement?
I face issues with Tenable Nessus sometimes due to upgrades. We must do system upgrades, and we have some issues with printing. We don't have the last updates.
Regarding improvements for Tenable Nessus, I think this tool has everything. The interface could be improved, particularly when moving between systems. It would be better to have buttons or tabs for navigating between different networks, as currently it requires multiple steps.
For how long have I used the solution?
I have worked with Tenable Nessus in the last month.
How are customer service and support?
I consulted with support about half a year ago. They connected through TeamViewer and helped me resolve the problem.
How was the initial setup?
Setting up Tenable Nessus is easy. It took about three hours to deploy Tenable Nessus, with approximately 30 minutes for downloading and another two hours for configuration and installation.
What other advice do I have?
I use Tenable Nessus on-premise because we have a special network, and we use it for on-premise because some systems cannot go online. I don't want external parties to know about these issues.
I scan with Tenable Nessus and get information about issues, then send it to IT people for confirmation and repair.
Tenable Nessus is a scalable solution for my environment. We had two users working with Tenable Nessus.
My rating for technical support is 10 out of 10.
I can recommend Tenable Nessus as an issue-finding tool.
I have not evaluated any other tools before working with Tenable Nessus for vulnerability management.
My overall rating for Tenable Nessus is 10 out of 10.
How Nessus helps in security audits
What do you like best about the product?
Nessus helps organizations during the auditing process by providing clear reports of the vulnerabilities as they are found during the scanning. The agent helps detect vulnerable software, misconfigured settings and other security-related issues like patches. It provides the alert along with a CVE score which helps to identify the criticality and impact of the vulnerability on the organization's security. It shows the vulnerability which really needs the attention of the security team and gives accurate scanning and provides the view that which vulnerabilities should be patched first. Nessus plugin contains the vulnerability information with the remediation action which brings easy for the security team to remediate the vulnerability easily.
What do you dislike about the product?
Sometimes when we are scanning the vulnerabilities in a large environment it takes time like 2-3 days to find all the vulnerabilities of the whole environment. The scanning requires downtime from the organization so that it does not affect the production environment as sometimes it brings high traffic which interrupts the production environment.
What problems is the product solving and how is that benefiting you?
This tool, Tenable Nessus, backs the organization on its way to strengthening its cybersecurity defenses through continuous network scanning for vulnerabilities, including zero-day threats and misconfigurations, such that timely remediation can be enacted to minimize the risk of a possible breach. It allows organizations to comply with various regulations/audits (e.g., PCI DSS, HIPAA) through automated audits and real-time reporting, thereby saving organizations from penalties and maintaining the trust of their stakeholders. Therefore, it gives organizations insight into present risk prioritization and integrates into IT workflows to optimize resource allocation, reduce operational overhead, and act as a constructive tool in an organization's long-term perspective to enhance security.
Tenable Nessus vulnerability manager
What do you like best about the product?
The platform is very intuitive, it is easy to operate without prior knowledge, and additionally, the reliability of the results obtained at the vulnerability level is very accurate. The reports are easy to interpret and generate high value for the company in decision-making.
What do you dislike about the product?
That the technology is still On-Premises and this leads to infrastructure expenses, which generates additional costs for the organization and depreciation of this used hardware.
What problems is the product solving and how is that benefiting you?
Identification of exploitable vulnerabilities, recognition of the infrastructure, and information for their mitigation.
Generation of managerial reports.
Generation of managerial reports.
Nessus is a great tool for vulnerability scanning and remediation guidance
What do you like best about the product?
Nessus is a powerful tool with extensive reporting and automation.
What do you dislike about the product?
I haven't found anything to dislike about Nessus.
What problems is the product solving and how is that benefiting you?
Tenable Nessus scans our external and internal network resources, analyzes vulnerabilities and provides guidance on mitigating those risks. Scheduled scan results are sent to our team to analyze and respond accordingly.
showing 1 - 10