Nessus (BYOL)
Tenable, Inc. | 10.8.4Linux/Unix, Amazon Linux 20250405 - 64-bit Amazon Machine Image (AMI)
External reviews
External reviews are not included in the AWS star rating for the product.
Easy to use, reliable, and up to date.
What do you like best about the product?
It works, and it works well. I like that it's updated daily with new signature and vulnerabilities. It's incredibly easy to get a pre-configured scan started, and just as easy to automate it. I like the granularity that you can configure scans with. The reporting features are great, but we export the reports to a vuln manager.
What do you dislike about the product?
It can be kind of confusing unless you can figure out their menus and terminology. It is also sometimes quite slow without easily being able to access a verbose log of what's going on. There are also some features that are shown but not included on the current platform, only if you migrate to Tenable.io.
What problems is the product solving and how is that benefiting you?
We use Nessus for server security auditing and assessing. We have scheduled scans to alert us of any new vulnerabilities in our systems, as well as for patch auditing.
- Leave a Comment |
- Mark review as helpful
Nessus scanning
What do you like best about the product?
Nessus scanning in and of itself is rather simple. It is nice that debugging is built in to the gui and logs can be easily retrieved. Nessus is definitely best when deployed with Security Center.
What do you dislike about the product?
Some of the logic built in to the Cisco handler didnt make sense. When the logic was presented with a #, it wouldn't issue the enable password required for escalation. Getting the logic fixed for this issue took over 9 months to resolve.
What problems is the product solving and how is that benefiting you?
This tool replaced McAfee vulnerability management and was a much more solid tool comparatively speaking.
Nessus works well
What do you like best about the product?
The amount/variety of plugins that cover just about everything you need to scan for, both new/0 day threats and past.
What do you dislike about the product?
Reporting could be better in Nessus Pro (I don't have exposure to other levels to see if there is better reporting)
What problems is the product solving and how is that benefiting you?
Making sure systems are updated with the necessary patches. A nice benefit is seeing the biggest bang for our buck (deploy one patch will fix 80% of critical issues for example)
Recommendations to others considering the product:
Make sure the reporting matches your needs, otherwise it's great
Solid product for security and compliance
What do you like best about the product?
The job scheduling features make it easy for me to run scans quarterly.
What do you dislike about the product?
Sometimes, I feel it is a little slow with the scans, the machine is pretty robust that we run it on.
What problems is the product solving and how is that benefiting you?
Compliance issues with ISO and SOC
SQL Developer
What do you like best about the product?
Slick UI, export to Excel option is great for data management
What do you dislike about the product?
We do weekly scans and false positives in general around Windows 10 are a bit annoying. Tenable is pretty quick to update their plugins however.
What problems is the product solving and how is that benefiting you?
Find out of compliance machines for security patching, other new issues we didn't know about.
Straight forward and easy to use.
What do you like best about the product?
Important information readily accessible from reports and thus easy for management to read. Flexible scanning options and easy to passively scan many test VMs under development.
What do you dislike about the product?
No multi-year discount for contracts. 2 or 3 year contract is the same price/yr
What problems is the product solving and how is that benefiting you?
Vulnerability scanning with an industry standard tool. Customers recognize and accept Nessus as part of our cybersecurity program.
Industry standard for a reason
What do you like best about the product?
Nessus is the standard for a reason - it's flexible, extensible, and well supported. The plugin update system works silently and flawlessly, and helps us not have to write our own scripts constantly.
What do you dislike about the product?
The recent changes to move on-prem scanners to a single user and remove API functionality has been super challenging.
What problems is the product solving and how is that benefiting you?
We are solving for risk analysis and patch compliance with Nessus. Automating the scans and having the ability to write our own compliance module has made it super easy to spot trends and get accurate remediation plans drawn up.
Good Product has a couple of shortcomings.
What do you like best about the product?
Cheap, effective, quick to set up and easy to use
What do you dislike about the product?
The policy section defining custom policies can be cumbersome and not as intuitive as it should be. Would like to be able to search for plugins in the policies section, and not to have to scroll through thousands of plugins to find the correct one. Troubleshooting is problematic, and support tends to be slow because of the online chat feature.
What problems is the product solving and how is that benefiting you?
Vulnerability scans for reporting to federal government
Recommendations to others considering the product:
I would definitely recommend it for quick set up and ease of use. Free version is a good way to go to evaluate the product.
Nessus is the gold standard for vulnerability scanning.
What do you like best about the product?
Nessus offers great support for the platform and the documentation is thorough for an easy implementation and configuration.
What do you dislike about the product?
The pricing model has changed and some features now require a larger financial commitment or maintaining older versions, which is obviously not desirable for a security and compliance tool.
What problems is the product solving and how is that benefiting you?
Nessus allows us to set and forget the majority of our vulnerability scans and provides all the details we need to ensure our environments are not opening drastic new security holes. This allows us to focus on more critical security issues, while also maintaining our compliance information without user interaction.
Recommendations to others considering the product:
Definitely read the documentation before you get started, it will save a lot of time and make sure everything is configured correctly.
Director of IT/Operations
What do you like best about the product?
Real-Time vulnerability check and sensitive data searches
What do you dislike about the product?
Plugins and using reports are a bit challenging.
What problems is the product solving and how is that benefiting you?
Primarily for security compliance
showing 41 - 50