Nessus (BYOL)
Tenable, Inc. | 10.7.2Linux/Unix, Amazon Linux 20240318 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Nessus is a top tier scanner that is easy to use and effective at finding vulnerabilities.
What do you like best about the product?
Ease of use. The application is easy to setup and use with canned templates that get you scanning for what you need to find. The scan results are among the most accurate I have seen which is welcome in this day and age.
What do you dislike about the product?
The scan results could be easier to read. Sometimes I find the scan results to be a bit difficult to read with the current setup. However after you play around with the settings a little and get used to the format it is not an issue.
What problems is the product solving and how is that benefiting you?
For me vulnerability threat management and tracking installed patches is the primary use of Nessus. The benefits of using Nessus is getting a well priced top tier application for a fair price.
- Leave a Comment |
- Mark review as helpful
effective but lacks polish
What do you like best about the product?
the detail on the vulnerabilities and recommended fixes
What do you dislike about the product?
The graphical user interface. and reports need improvement.
What problems is the product solving and how is that benefiting you?
Compliance
Nessus works well
What do you like best about the product?
The amount/variety of plugins that cover just about everything you need to scan for, both new/0 day threats and past.
What do you dislike about the product?
Reporting could be better in Nessus Pro (I don't have exposure to other levels to see if there is better reporting)
What problems is the product solving and how is that benefiting you?
Making sure systems are updated with the necessary patches. A nice benefit is seeing the biggest bang for our buck (deploy one patch will fix 80% of critical issues for example)
Recommendations to others considering the product:
Make sure the reporting matches your needs, otherwise it's great
Solid product for security and compliance
What do you like best about the product?
The job scheduling features make it easy for me to run scans quarterly.
What do you dislike about the product?
Sometimes, I feel it is a little slow with the scans, the machine is pretty robust that we run it on.
What problems is the product solving and how is that benefiting you?
Compliance issues with ISO and SOC
Great Pro tool for scannig
What do you like best about the product?
Variety of tools, not only vulnerabilities, compliance scans as well
What do you dislike about the product?
Price, it would be great that this can be modular so price can be less
What problems is the product solving and how is that benefiting you?
It helps a lot with our PCI-DSS audits
Recommendations to others considering the product:
Buy it !!
Great for Compliance
What do you like best about the product?
I like that you can set the scans up manual and have them scheduled. I love the customer support.
What do you dislike about the product?
I do not like that you cannot scan applications or webservers.
What problems is the product solving and how is that benefiting you?
scanning applications and webservers. I like the reporting tools and compliance validity of the compliance control sets via the same set the IRS uses. That makes it definitely more valuable than using any other vulnerability tool. This tool tells you what controls are missing as well as what controls need to have improvement and if you use the same files as the IRS uses you are sure to pass any safeguard review/audit. I have my security administrator use it just because of that reason. I wish Nessus could run scans on different types of software but I'm not sure how that is even possible. If there were any improvements to be made it would be on webservers and applications. However, if your just checking your audits against safeguard reviews, this will get you passed.
Recommendations to others considering the product:
I WOULD try to figure out how to have Nessus run vulnerability scans on software, if that is possible. If I could improve Nessus I would find a way to make it take up less band with when doing network scans, find a way to get it to scan different types of software and also, get it to scan webservers. Nessus for me needs to keep staying in compliance with the IRS publication 1075 and NIST 800-53 series. If Nessus can do that then it will continue to hold its excessive valuableness. Federal guidelines are the way that I would go if I were a Nessus developer/tester.
Nessus review
What do you like best about the product?
Cost is the biggest factor, the functionality is on par with other commercial solutions but at a reasonable price point and licensing model. The solution is also extremely stable. The information presented in reports is easy to understand and can be put infront of a non-technical audience, a junior admin, network engineer or audit team.
What do you dislike about the product?
Nessus professional lacks robust data management and compression, scan history can grow rapidly out of control. We have been forced to implement so scripting outside of the tool to perform housekeeping activities that would be better served natively.
What problems is the product solving and how is that benefiting you?
Nessus is our primary risk analysis tool and is the foundation of how we demonstrate risk mitigation to our Clients. We can rapidly get Client security buy in to go live once we present the Nessus compliance and vulnerability reports. By reducing the time to get Client sign off we are able to realize revenue sooner.
Recommendations to others considering the product:
Evaluate what you plan to do with the information you receive from the tool, prioritize information that is highest risk and be sure to get support from you business to move toward integrating Nessus into your risk programs life cycle
One solution for all vulnerability scans
What do you like best about the product?
Nessus' ability to automatically updating plugins everyday, schedule scans and sending reports on emails upon scan completion.
What do you dislike about the product?
Plugins are not released every day. Some times they are delayed after couple of days.
What problems is the product solving and how is that benefiting you?
We are scanning our OS/software for any vulnerabilities and fixing them before releasing them to customer's systems. Customers are happy that we are fixing the vulnerabilities before they even realize it. Customers now have more trust in us.
Recommendations to others considering the product:
It is very easy to use. You need to set it up only once and then no need to do any maintenance. Great product
SQL Developer
What do you like best about the product?
Slick UI, export to Excel option is great for data management
What do you dislike about the product?
We do weekly scans and false positives in general around Windows 10 are a bit annoying. Tenable is pretty quick to update their plugins however.
What problems is the product solving and how is that benefiting you?
Find out of compliance machines for security patching, other new issues we didn't know about.
Nessus price to features
What do you like best about the product?
Cost and Control.
Allot of flexibility in a single application that we can host ourselves.
Allot of flexibility in a single application that we can host ourselves.
What do you dislike about the product?
Licensing and the restrictions in the latest release.
What problems is the product solving and how is that benefiting you?
Compliance certification readiness and overall system hardening based on results.
Recommendations to others considering the product:
Seems with the new licensing, they are going back in the wrong direction
showing 211 - 220