Nessus - Always stay compliant
Nessus vulnerability tool is being used by IT Admin team to scan for vulnerabilities in the workstations and servers, routers, and …
Nessus
Nessus
Overview
Reviews
Reviewer Pros & Cons
View all pros & cons
- Modules which are already configured in the tool for use - is very useful feature of this tool. All the basic testing can easily be performed by lever...
- Becomes buggy for large applications/ scans - When using Nessus with very large applications or applications having huge datasets, this tool might bec...
Pricing
View all pricing1 Year
$2,790.00
Cloud
1 Year + Advanced Support
$3,190.00
Cloud
2 Years
$5,440.00
Cloud
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Features Scorecard
No scorecards have been submitted for this product yet.Start a Scorecard.
Product Details
What is Nessus?
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
Nessus Video
Nessus Professional Overview
Nessus Technical Details
| Deployment Types | SaaS |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
Alternatives
View all alternatives
Frequently Asked Questions
What is Nessus?
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
What is Nessus's best feature?
Reviewers rate Support Rating highest, with a score of 6.9.
Who uses Nessus?
The most common users of Nessus are from Enterprises and the Computer & Network Security industry.
Reviews and Ratings
(39)
Ratings
Reviews
(1-7 of 39)- Popular Filters
Companies can't remove reviews or game the system. Here's why
August 13, 2021
Nessus - Always stay compliant
Nessus vulnerability tool is being used by IT Admin team to scan for vulnerabilities in the workstations and servers, routers, and switches which are planted all over the network both in LAN as well as WAN. Nessus helps to secure the network by running scans on outdated patch versions as well as it helps to implement best practices.
- Vulnerability scanning
- Implement Best Practices
- Slowness when scanning large datasets and applications
- Consumes more resources when scans deep
May 20, 2021
Find the most critical security loopholes in your small-medium scale applications using Nessus
Nessus is being used to perform vulnerability assessments for our internal applications within our firm.
It is used by the cyber security department, which handles security of all the internal applications. Security is vital today, and Nessus helps you comply and make your products hack-proof. It helps you find the loop holes, much before the actual hacker would do.
It is used by the cyber security department, which handles security of all the internal applications. Security is vital today, and Nessus helps you comply and make your products hack-proof. It helps you find the loop holes, much before the actual hacker would do.
- Modules which are already configured in the tool for use - is very useful feature of this tool. All the basic testing can easily be performed by leveraging the preconfigured modules in Nessus.
- Intelligence for this tool is always up to date with no delays - It keeps it CVE database always up to date. This assures the user that they are looking at correct data and helps to find the recent gaps.
- Large configuration options when placing new assessments - Almost any configuration can be configured in Nessus as it supports testing all the domains of any application. It does not restrict the user to one particular domain, rather helps you test the overall tool and provides you with the 360 degree security view of your application.
- Becomes buggy for large applications/ scans - When using Nessus with very large applications or applications having huge datasets, this tool might become a little laggy. This can be fixed by improvising the backend of the tool.
- Graphical User Interface of the tool is not very intuitive. Although it contains tons and tons of features, finding the right one at the right time is a little tricky job. The buttons and features can be better placed to achieve user reachability.
January 30, 2020
Nessus
We use Nessus within our information security department to scan our network for vulnerabilities. Afterwards we ensure to patch the necessary vulnerabilities. We also use Nessus for PCI scanning as required for PCI compliance.
- Vulnerability scanning.
- PCI scanning.
- Could use an upgrade within reports.
- Scans can take a long time to complete. Have to break them down in small sections.
January 14, 2020
Nessus in for auditing infrastructure
Nessus is one of the best vulnerabilities assessment tools. We use it to evaluate, as one of our primary controls, to know how secure or insecure is our infrastructure (networks, servers, switches configurations) are and also identifying the different vulnerabilities in web applications we use. So with the help of the results (reports), we can explain to the managers and the technologies administrators the risks that exist in their software and hardware. For the company is very useful for the audit areas and security area. Those areas work together in the assessment and evaluation. We trust in the info and results gave by Nessus.
- Vulnerabilities assessment.
- Configuration file evaluation.
- Reporting.
- Interaction with some other tools like Metasploit.
September 20, 2019
Without a doubt, one of the best vulnerability scanners on the market
I have used Nessus for performing the vulnerability scans largely. It is largely used for doing vulnerability assessments and penetration testing activities. No matter if you are a security researcher or a security consultant working for some organization, Nessus is known to everyone and is a really helpful tool.
- Nessus is best at performing vulnerability scans, in fact, it gives findings and moreover accurate findings of the assessments. It does not do penetration testing or exploit the vulnerabilities because it is concerned about scanning the systems/applications.
- In fact, Nessus has multiple profiles/policies to perform different types of scans such as, scans oriented for PCI-DSS, malware scans, web application scans, bad shell shock detection scan to name a few.
- Nessus has the ability to classify the vulnerabilities into risk-based categories from critical to even informational which I think is one of the things that separates Nessus from other vulnerability scanners.
- Starting with the cost of Nessus, though it is available for free also it has some restrictions for the free version. Nessus essential which is a free version does not allow to perform internal/external PCI scan policies, config audits which I think is a drawback. As many security researchers, small organizations use this tool for vulnerability scans I think some additional features should be added into free version as Nessus professional version is not cost-friendly for everyone.
- I think Nessus can improve the way it shows scan status while the scan is ongoing. Once scans are started and running, it sometimes failed to show exactly how much percent of scan is completed, for example, it shows scan status from 0% completed to 100% completed directly without showing the in-between completion percentage.
August 14, 2019
Secure information of organization, easy recognition of vulnerability and its assessment.
Our company personnel are mostly depending on Nessus for performing vulnerability assessment on servers and Network Devices of clients, most of our clients are banking networks, government bodies looking for securing their networks and compliance in accordance with information security standards. Nessus is very advanced tool for mainly highlighting server's configuration level, software level issues and missing security patches and for network devices it lists any configuration issues, outdated practice or patches required for improvement of information security.
- With Nessus we can find the missing critical patches for a server or workstations.
- Nessus points out any vulnerable or outdated software Technologies used in the system, thus eliminating any chances for security flaws being turned up.
- Nessus typically points any configuration level issues in accordance with the OWASP guidelines. Even the configuration of SSL related which are most of the time handled by some vendors or 3rd parties.
- Nessus not only lists out these Vulnerabilities but describes clearly the vulnerabilities in details with its thousands of plugins updated regularly, the tool also recommends solution with practical details of easy implementation.
- The tool has lots of options for setting up before scanning any device, this methodology could be simplified further with default configuration for various devices predefined, anyhow we can use this technique by making use of policies.
- For advanced users we cannot disable the plugins inside the plugin groups, we can enable the whole set of plugins at a time, for few hundreds its ok, but thousands of plugins are of waste of resource and time.
August 28, 2019
A great, easy-to-use security application!
I use Nessus to conduct periodic vulnerability scans of our primary production servers and plan to implement scheduled scans of all nodes in batches at some point in the future.
- Identifying known vulnerabilities.
- Scoring discovered vulnerabilities appropriately.
- Presenting vulnerabilities and remediation recommendations on an easy to read format.
- While it is easy to use, it assumes a certain level of knowledge from the user, therefore, it could explain things a little better as the user moved through the program.