I mostly work with the cloud version of the product. Based on my customers' experience, they mostly use Microsoft Azure. My customers utilize a hybrid cloud setup where we use on-premises and cloud solutions because we have air-gapped customers who have no other option than to use on-premises. The customers who have cloud access and are open to using cloud solutions are using Tenable One, which is a cloud-based solution.
Nessus (BYOL)
Tenable, Inc.External reviews
321 reviews
from
and
External reviews are not included in the AWS star rating for the product.
User-Friendly Vulnerability Scanner
What do you like best about the product?
We use Tenable Nessus as our business vulnerability scanner, and appreciate its ability to scan our VLANs, report CVEs, and suggest remediation. We like that Nessus helps us stay compliant with CIS18 and ensures we aren't missing any "invisible" problems on our network. What stands out is its more user-friendly interface compared to other scanners we've used, and we find it convenient that it doesn't force us to create our own reporting.
What do you dislike about the product?
We would love even more customization in the UI. The ability to download additional reports, create new views, etc would be great.
What problems is the product solving and how is that benefiting you?
We use Tenable Nessus as a business vulnerability scanner to scan VLANs, report CVEs, and suggest remediation. It helps us stay compliant with CIS18 and uncovers invisible network problems.
Accurate, Fast Vulnerability Scanning You Can Rely On
What do you like best about the product?
Accurate, fast vulnerability scanning tool
What do you dislike about the product?
Limited automation, not very comprehensive reporting
What problems is the product solving and how is that benefiting you?
Finds vulnerability fast, thereby reducing risk and exposure
Hybrid deployments have strengthened vulnerability visibility and streamlined security reporting
What is our primary use case?
What is most valuable?
I would not personally speak to what I like about Tenable Nessus, because I think the only reason many customers are using it is because it is well-known and they have received directives from their companies or mother companies. For me, the key value is the ease of use and integration with SIEMs because it has built-in integrations with IBM QRadar and others. Tenable Nessus is typically a widely integrated tool within the existing security ecosystem. It is part of the security policy that customers have implemented, so it does provide positive impact and is beneficial to use Tenable Nessus.
What needs improvement?
I would not personally speak to what other features I would like to see in future updates of Tenable Nessus; this is perhaps more a question for the customers rather than for me. Based on what customers typically use, what they need to meet all requirements and security requirements is currently available. However, for some customers, they would like to have more assistance as they are becoming accustomed to AI co-pilots. An AI feature that helps them discover options without requiring them to deep dive into all features or guides them through advisory functions would be beneficial.
For how long have I used the solution?
I have been implementing the product for four or five years.
How are customer service and support?
The technical support from Tenable is adequate. When a customer opened a ticket, they did not reach out to us directly. I know that they opened the ticket but did not get back to us, so I believe the ticket was resolved; otherwise, they would have informed us.
What about the implementation team?
Within the company, we have two people who are dealing with Tenable Nessus. Beyond Tenable Nessus, they are also dealing with Rapid7 scanners as we provide multiple solutions for vulnerability scanning.
What was our ROI?
It remains acceptable for us to use and sell Tenable Nessus because we can still bring in revenue, so it continues to be worthwhile.
What's my experience with pricing, setup cost, and licensing?
Based on my experience, the pricing for Tenable Nessus is somewhat higher, but customers still want to pay for it, so it remains acceptable. The annual price increase of six to seven percent could potentially be lower, which would be beneficial. However, when we compare it to other solutions, it is more difficult for us to negotiate the price for Tenable Nessus than to negotiate the price with Rapid7.
What other advice do I have?
We are not using Tenable Nessus internally; we are only providing it to our customers. The implementation of Tenable Nessus depends on the scenario and is straightforward for us. The implementation process does not take much time for me personally. However, it typically requires at least one day because you need to fine-tune the configuration, as it is not simply setting it up; troubleshooting and fine-tuning also take time. For a simple implementation that is not distributed or large-scale, it usually takes about one day. When we find something in Tenable Nessus, we use automation to help us with that, combining it with automation. For me, this approach is acceptable. My customers do not appear to utilize Tenable Nessus' configuration auditing feature. I have used the reporting features with Tenable Nessus where customers conduct scheduled vulnerability scans plus default scans for CVEs, and they have reporting scheduled to send all reports to the CSOs. As the partner rather than the end user, I do not deal with tickets frequently. I rate the support from Tenable at eight out of ten. I give this review an overall rating of nine out of ten.
Robust and reliable vulnerability scanner for all needs
What do you like best about the product?
- Ease of Use: Neat and intuitive interface, and I got use to it pretty quickly;
- Frequency of use - It is easy and pleasent to use Nessus often without any hassle.
- Up-to-Date: There are regular updates keep the vulnerability database current, it is posible to update in offline environment as well.
- Comprehensive Reports: Detailed insights.
- Frequency of use - It is easy and pleasent to use Nessus often without any hassle.
- Up-to-Date: There are regular updates keep the vulnerability database current, it is posible to update in offline environment as well.
- Comprehensive Reports: Detailed insights.
What do you dislike about the product?
- Remeditaion recommendations: Could be sometimes more detailed but in generally works pretty grat
What problems is the product solving and how is that benefiting you?
Nessus identifies and categorizes vulnerabilities across our systems, helping us proactively secure against potential threats.
Automated scans reduce manual work and save our time.
Automated scans reduce manual work and save our time.
User-Friendly IP Scanning with Audit-Friendly Compliance Reports
What do you like best about the product?
It’s very user-friendly to start a basic scan of IP addresses. As a non-developer, I was able to learn the interface quickly and run the scan without much effort. The reports are audit-friendly, and we were able to submit them for compliance purposes.
What do you dislike about the product?
The report is provided in PDF format, so we’re not able to assign specific vulnerabilities to the appropriate teams. It would be very helpful if the reports could also be exported to a format like Excel, so we can allocate vulnerabilities to the respective team members more easily.
What problems is the product solving and how is that benefiting you?
Through DAST scanning, we are able to identify vulnerabilities both immediately after deployment and on a continuous basis. This helps a lot to improve the security posture of the organisation as a whole. We track the security posture through NIST framework and this perfectly fits to improve the score.
It's an excellent vulnerability scanner.
What do you like best about the product?
We are able to quickly spot PCs that are highly vulnerable.
What do you dislike about the product?
We would appreciate it if the list could be sorted by PC name rather than by IP address.
What problems is the product solving and how is that benefiting you?
By identifying vulnerable PCs, we are able to improve overall security.
Comprehensive Security and Up-to-Date CVE Databases
What do you like best about the product?
I value its practical features, the current CVE databases, and the comprehensive security measures it offers.
What do you dislike about the product?
The disadvantages include the cost, the potential effect on system performance, and the requirement to manually apply patches.
What problems is the product solving and how is that benefiting you?
The vulnerability detection is highly efficient, and the availability of ready-made scan templates makes the process straightforward. Reports are clear, with well-defined risk classifications.
Powerful Vulnerability Scanner, Rapid Learning Curve
What do you like best about the product?
I think Tenable Nessus is a very popular toolset that stands out because of its usability, allowing me to learn and use it quickly without requiring extensive training or facing a steep learning curve. Its intuitive nature facilitates swift adoption, making it accessible for our team. Additionally, I value the ability to specify the range of IP address assets and perform both ad-hoc and scheduled scanning. This functionality is crucial for maintaining the integrity and security of our network infrastructure, and it helps us in managing and mitigating vulnerabilities efficiently.
What do you dislike about the product?
I dislike that the pricing of Tenable Nessus has been going up quite significantly recently.
What problems is the product solving and how is that benefiting you?
We use Tenable Nessus to scan for vulnerabilities, improving our organization's cybersecurity by patching and reporting the status of our systems.
Customization and Ease of Integration that Surprise
What do you like best about the product?
The customization of each scan that I can perform in the tool. With daily use, it is possible to learn and see how the tool is easy to configure and integrate with some systems.
What do you dislike about the product?
The visibility is excellent and the customer support provided is very quick and completely helpful. As I use it every day, contacting support becomes increasingly simple.
What problems is the product solving and how is that benefiting you?
Tenable Nessus helps analyze the environment, check the attack surface, correct and mitigate failures in the environment.
Clean Interface and Simple Use.
What do you like best about the product?
Nessus is Simple and forward. The set up is easy enough for most people to complete. The user interface is clean and not bombarded with tons of bells and whistles that can sometimes be overwhelming.
What do you dislike about the product?
Only Downside can be the scan time, but that is also dependent on equipment and environment.
What problems is the product solving and how is that benefiting you?
Nessus helps me identify which assets need to be patched and allows me to easily rescan them after fixes have been applied. I can also pull a few reports
showing 1 - 10