Nessus (BYOL)
Tenable, Inc.External reviews
292 reviews
from
External reviews are not included in the AWS star rating for the product.
Clean Interface and Simple Use.
What do you like best about the product?
Nessus is Simple and forward. The set up is easy enough for most people to complete. The user interface is clean and not bombarded with tons of bells and whistles that can sometimes be overwhelming.
What do you dislike about the product?
Only Downside can be the scan time, but that is also dependent on equipment and environment.
What problems is the product solving and how is that benefiting you?
Nessus helps me identify which assets need to be patched and allows me to easily rescan them after fixes have been applied. I can also pull a few reports
User-Friendly and Simple, But Support Scheduling Could Be Faster
What do you like best about the product?
Like how simple it is to use, also user friendly
What do you dislike about the product?
One thing that I dislike that they takes time to schedule call for support
What problems is the product solving and how is that benefiting you?
Help to find vulnerabilities with solution
Simple and Effective, But Limited to One User in Pro Version
What do you like best about the product?
I love the simplicity of Nessus and the ease of use for securing the environment
What do you dislike about the product?
I dislike the fact that the professional version only allows one user
What problems is the product solving and how is that benefiting you?
It helps identify new Windows vulnerabilities in the environment before deploying new servers
Reliable & Thorough Vulnerability Scanner – With a Few Quirks
What do you like best about the product?
Comprehensive vulnerability detection – Covers a wide range of known CVEs, misconfigurations, and compliance issues.
Low false positive rate – Findings are generally accurate, saving time on unnecessary triage.
Regular plugin updates – Constantly updated with new vulnerabilities and checks.
Flexible scan options – Supports credentialed, uncredentialed, web app, compliance, and custom scan policies.
Actionable remediation guidance – Reports often include step-by-step fixes and CVSS scoring.
Easy setup for standard scans – Basic scans are quick to configure and run.
Widely used and trusted – Well-established reputation in cybersecurity and vulnerability management.
Nessus supports / enables a variety of integrations, mostly via its APIs, export features, and plugins. Key categories include:
Low false positive rate – Findings are generally accurate, saving time on unnecessary triage.
Regular plugin updates – Constantly updated with new vulnerabilities and checks.
Flexible scan options – Supports credentialed, uncredentialed, web app, compliance, and custom scan policies.
Actionable remediation guidance – Reports often include step-by-step fixes and CVSS scoring.
Easy setup for standard scans – Basic scans are quick to configure and run.
Widely used and trusted – Well-established reputation in cybersecurity and vulnerability management.
Nessus supports / enables a variety of integrations, mostly via its APIs, export features, and plugins. Key categories include:
What do you dislike about the product?
Costs can scale quickly – Advanced features and larger environments often require premium licensing.
UI and reporting could be better – Custom reports and dashboard features are somewhat limited.
Steep learning curve for advanced use – Complex scans (e.g., with credentials or web app auth) require deeper technical knowledge.
Authenticated and web app scanning can be finicky – May need fine-tuning to work correctly with complex login flows.
Not ideal for full lifecycle VM – Lacks built-in asset management or long-term trend analysis unless integrated with Tenable.io or Tenable.sc.
Performance overhead on large networks – Can slow down scanning or miss things if not properly resourced.
UI and reporting could be better – Custom reports and dashboard features are somewhat limited.
Steep learning curve for advanced use – Complex scans (e.g., with credentials or web app auth) require deeper technical knowledge.
Authenticated and web app scanning can be finicky – May need fine-tuning to work correctly with complex login flows.
Not ideal for full lifecycle VM – Lacks built-in asset management or long-term trend analysis unless integrated with Tenable.io or Tenable.sc.
Performance overhead on large networks – Can slow down scanning or miss things if not properly resourced.
What problems is the product solving and how is that benefiting you?
The Problem Nessus Solves-
Unpatched Vulnerabilities
Misconfigurations
Compliance Gaps
Lack of Visibility into Network Assets
Manual Security Workflows
Benifits--
Reduced exposure to attacks by fixing vulnerabilities before they’re exploited.
Faster, more confident patching thanks to prioritized and verified vulnerability data.
Audit-ready reporting for security and compliance frameworks.
Improved collaboration between security and IT with actionable reports.
Better resource allocation by focusing on real risks, not just raw vulnerability counts.
Time savings through automation and integration with other tools.
Peace of mind — knowing that your environment is continuously being checked against the latest threats.
Unpatched Vulnerabilities
Misconfigurations
Compliance Gaps
Lack of Visibility into Network Assets
Manual Security Workflows
Benifits--
Reduced exposure to attacks by fixing vulnerabilities before they’re exploited.
Faster, more confident patching thanks to prioritized and verified vulnerability data.
Audit-ready reporting for security and compliance frameworks.
Improved collaboration between security and IT with actionable reports.
Better resource allocation by focusing on real risks, not just raw vulnerability counts.
Time savings through automation and integration with other tools.
Peace of mind — knowing that your environment is continuously being checked against the latest threats.
Essential Tool for Network Security Assessments
What do you like best about the product?
Nessus is easy to use, fast, and highly accurate. I like its wide vulnerability coverage, regular updates, and clear, detailed reports.
What do you dislike about the product?
The user interface can feel a bit outdated, and initial setup or scan tuning may be complex for beginners. Also, advanced features require a paid license.
What problems is the product solving and how is that benefiting you?
Nessus helps us identify and remediate vulnerabilities across our network before they can be exploited. It improves our security posture, supports compliance efforts, and saves time with automated scans and detailed reporting.
Tenable Nessus Professional
What do you like best about the product?
Its easy to setup and config for first time and tenable support is very good. we are using it every quaterly for the infra scan to make sure our infra is safe from vulnrabilities.
What do you dislike about the product?
in reporting for the same vulnerability it will show mutliple cve in differnt rows while exporting which is creating manual effort to clean
What problems is the product solving and how is that benefiting you?
it helps to identfy the vulnerabilities in the infra so that we can protect the data
excellent product it identifies misconfigs and missing patches
What do you like best about the product?
i love the scheduled scans feature along with the customizable templates. we use it mostly to identify configuration mishaps and devices needing additional patching. they have an extensible coverage of plugins
What do you dislike about the product?
The licensing complexity is the biggest issue for me. there is no central management in the base product you have to upgrade to tenable sc. There also a few false positives.
What problems is the product solving and how is that benefiting you?
There are so many devices to locate tenable finds the unknows with ease. it is also highly customizable. All of devices are able to be scanned without the need of additional products,
as an industry standard software when it comes to vulnerability scanning.
What do you like best about the product?
detailed reporting, customizable export options.
What do you dislike about the product?
offline updates can be difficult and can be troublesome.
What problems is the product solving and how is that benefiting you?
providing clients with actionable vulnerability data.
Its great to use Nessus for vulnerability scan
What do you like best about the product?
It can be find mostly vulnerability for our devicess
What do you dislike about the product?
Tecnical support ticket create it can be a problem if you create one you can find a solution for pluging
What problems is the product solving and how is that benefiting you?
I am scanning vulverabilities of our devices and it can be helpfull for tacking them
How Nessus helps in security audits
What do you like best about the product?
Nessus helps organizations during the auditing process by providing clear reports of the vulnerabilities as they are found during the scanning. The agent helps detect vulnerable software, misconfigured settings and other security-related issues like patches. It provides the alert along with a CVE score which helps to identify the criticality and impact of the vulnerability on the organization's security. It shows the vulnerability which really needs the attention of the security team and gives accurate scanning and provides the view that which vulnerabilities should be patched first. Nessus plugin contains the vulnerability information with the remediation action which brings easy for the security team to remediate the vulnerability easily.
What do you dislike about the product?
Sometimes when we are scanning the vulnerabilities in a large environment it takes time like 2-3 days to find all the vulnerabilities of the whole environment. The scanning requires downtime from the organization so that it does not affect the production environment as sometimes it brings high traffic which interrupts the production environment.
What problems is the product solving and how is that benefiting you?
This tool, Tenable Nessus, backs the organization on its way to strengthening its cybersecurity defenses through continuous network scanning for vulnerabilities, including zero-day threats and misconfigurations, such that timely remediation can be enacted to minimize the risk of a possible breach. It allows organizations to comply with various regulations/audits (e.g., PCI DSS, HIPAA) through automated audits and real-time reporting, thereby saving organizations from penalties and maintaining the trust of their stakeholders. Therefore, it gives organizations insight into present risk prioritization and integrates into IT workflows to optimize resource allocation, reduce operational overhead, and act as a constructive tool in an organization's long-term perspective to enhance security.
showing 1 - 10