Nessus (BYOL)
Tenable, Inc. | 10.8.4Linux/Unix, Amazon Linux 20250405 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Great tool for self-assessments and scanning new deployments
What do you like best about the product?
Great interface, portable (I run it on a laptop), and the reporting format has been great for developing a methodology with which I can track my organization's security posture over time.
What do you dislike about the product?
Very little to dislike here. I think the only thing I'd like to see is a summary interface that does some of my reporting work for me, instead of me having to review the reports and create totals for each vulnerability category (critical, high, etc.).
What problems is the product solving and how is that benefiting you?
I can scan new systems before they go into production, I can monitor our security posture over time as new threats emerge and we deal with existing ones, and I have used the data from the reports to track our security for over four years running now.
Recommendations to others considering the product:
You should consider this a must-have in your security toolbox. You can use it to self-assess as well as a check against third party assessments.
- Leave a Comment |
- Mark review as helpful
Nessus is a great value
What do you like best about the product?
We have been using Nessus for several years, performing professional pen-testing and vulnerability assessments. This has been an invaluable tool for our business. It has helped us bring security solutions to many clients.
What do you dislike about the product?
Unfortunately, the pricing has been steadily increasing year over year. Within the next couple years, other tools may prove to be a better value.
What problems is the product solving and how is that benefiting you?
Nessus helps us identify security risks and determine a path to remediation. It doesn't provide remediation instructions, but the details are very helpful for us to plan remediation.
Recommendations to others considering the product:
Be cognizant of increasing renewal prices
De Facto Standard in Vulnerbility Scanners - Best Vulnerbility Scanner for the price.
What do you like best about the product?
Nessus Professional is an Intelligent and highly customizable security product. Our team gets very accurate scan results. The security plugins are always current. The compliance templates provided can be customized to reflect the our regulatory and security needs.
What do you dislike about the product?
Improve the Web GUI:
The Nessus Web GUI does take some getting used to. Additionally, advanced configuration settings could be better organized and contextual help should be added / improved when navigating the web GUI. More report customization would aid in providing better management reporting. Disk space utilization and system health should be added to the web GUI as this would help to alert administrators and users if and when system logs require pruning or to proactively clean old scan jobs that are consuming disk space.
Security Compliance:
The security compliance templates are very useful but the compliance templates could be expanded to cover more vendor products and the compliance templates should be maintained at current levels to reflect changing compliance standards.
Mobile App:
There are times when I am away from my desk and we would like to have a mobile version that would run on a portable platform such as a Android phone or tablet.
The Nessus Web GUI does take some getting used to. Additionally, advanced configuration settings could be better organized and contextual help should be added / improved when navigating the web GUI. More report customization would aid in providing better management reporting. Disk space utilization and system health should be added to the web GUI as this would help to alert administrators and users if and when system logs require pruning or to proactively clean old scan jobs that are consuming disk space.
Security Compliance:
The security compliance templates are very useful but the compliance templates could be expanded to cover more vendor products and the compliance templates should be maintained at current levels to reflect changing compliance standards.
Mobile App:
There are times when I am away from my desk and we would like to have a mobile version that would run on a portable platform such as a Android phone or tablet.
What problems is the product solving and how is that benefiting you?
With respect to patch management, we use Nessus to validate new server and network appliance builds. As a government organization, we are required to adhere to security policies pertaining to security compliance and cyber security. To us, Nessus definitely fills are security compliance needs.
Recommendations to others considering the product:
Must be comfortable with customizations. Should have a strong understanding of networking technologies.
Nesssus Rocks!
What do you like best about the product?
The flexibility in scan entire networks and for specific vulnerabilities.
What do you dislike about the product?
That the free license is no longer available for home and personal use.
What problems is the product solving and how is that benefiting you?
Filling gaps of employment. We don't have the budget for a security team so the infrastructure team fills both roles. Nessus make our jobs easier to scan for vulnerabilities without paying for FTES or yearly pen test.
Nessus Network scanninhg
What do you like best about the product?
Ease of set up and use, shows exactly where the vulnerabilities are
What do you dislike about the product?
More in depth reporting on the level of risk for each vulnerability found
What problems is the product solving and how is that benefiting you?
Closing possible security holes
Nessus Professional
What do you like best about the product?
The best thing about Nessus is how indepth the scans can be. Not only are they indepth, there are multiple different scans preset for convenience. Not only that there are a ton of customization options for reports, scheduling, notifications, the type of scan and even the plugins.
What do you dislike about the product?
Migrating Nessus to a new machine isn't the easiest thing to do as there are some restrictions but after doing them a couple of times, I've gotten used to it. Depending on how many scans you have on your original build, migration can take a long time to complete. If something goes wrong, all of that time would have been wasted.
What problems is the product solving and how is that benefiting you?
A big benefit with Nessus is that we are able to pinpoint security risks within our own sites and servers on a monthly basis and escalate to the proper teams within our organization. The scans can be setup to send emails of the pdf file of the scan report to individuals. This allows the proper people are receiving the results as soon as the scans are complete.
Recommendations to others considering the product:
If you are in need of a vulnerability scanner, Nessus is definitely the way to go. The ease of customization and the level of support you get from Nessus makes this the best option.
Very good product
What do you like best about the product?
We are able to perform weekly scans and store them for future reference
What do you dislike about the product?
There is not much to dislike about the product.
What problems is the product solving and how is that benefiting you?
We are using the plugins to ensure that we are in compliance with the FDCC guidelines.
Recommendations to others considering the product:
I have used it for years and it has improved a lot over the past few years.
great piece of mind
What do you like best about the product?
simplicity of building out a customized scan
What do you dislike about the product?
better looking results, built in data that doesn't require going out to web for details
What problems is the product solving and how is that benefiting you?
security scans needed to verify new systems have been hardened
Tenable Nessus Professional Review
What do you like best about the product?
Nessus Professional has many wonderful features. Some these features include the ability to view vulnerability information related to system that reside on your network. It gives you information about how to remediate these reviews. We use Nessus in an active and passive manner. We do have ICS based systems that do no work well with active scans. In these instances we can set up a passive Nessus scanner and collect the information that we need. It is also helps to in providing a secondary means to identify and verify the patching of our systems.
What do you dislike about the product?
We use Nessus Professional as a part of our Tenable SC CV suite. This can be a little difficult to get up and running the first time it is set up. There are multiple virtual appliances that have to bet set up and synced together and if there is ever a problem, sometimes this it can take some time to track down which particular component is the issue. If Nessus Professional is used as standalone product, this isn't an issue.
What problems is the product solving and how is that benefiting you?
It has helped in reducing cost associated with working individually on each device we have. We trust Nessus to perform automated tasks that would normally take hours on end to perform this type of audits by hand. So with that, we have seen a reduction in labor costs and time.
Recommendations to others considering the product:
Be prepared to spend some time on the front end designing and setting this up properly to avoid headaches down the road.
Great tool...simple, intuitive, and complete
What do you like best about the product?
Nessus is my go-to scanner. It's simple to use...has a well laid out user interface...and results are easy to digest. The references withing the vulnerability findings are immensely helpful to support staff in helping them to understand the findings and their path to remediation.
What do you dislike about the product?
Not really much to dislike here. Price is right. Ease of use is great. Only thing I'd recommend is for Tenable to step up their game with Support. Their support process is one of the least engage-able of all the tools I use. Much more feels like consumer level support rather than enterprise.
What problems is the product solving and how is that benefiting you?
Verifying patch management process is the primary solution we are solving. Is also great at asset discovery. We also find the scanner very useful when a new high priority vulnerability comes out that the business wants us to quickly verify our exposure to.
Recommendations to others considering the product:
none at this time
showing 111 - 120