Tenable Nessus

Restrictions in Free Version: Some users have mentioned that the free version of Nessus has limitations, such as not allowing internal/external PCI scan policies and config audits. This has been considered a drawback by several reviewers.

Expensive Professional Version: Several users have suggested adding additional features to the free version of Nessus, as they find the professional version to be expensive and not cost-friendly for everyone.

Difficult Progress Tracking: Users have found it difficult to track the progress of a scan as the tool sometimes fails to show the in-between completion percentage. Improving the way scan status is displayed has been recommended by some reviewers.

Users highly recommend purchasing Nessus Professional for various purposes including consulting, vulnerability analysis, testing, network analysis, and development. They believe it is the industry standard for scanning vulnerabilities and offers detailed scanning capabilities with the latest security updates and vulnerabilities scans. However, they suggest that it may not be suitable for smaller enterprises. Users find Nessus Professional to be a great tool for vulnerability assessment with an easy-to-use interface, making it ideal for beginners in testing. They strongly recommend it for vulnerability scanning and securing against threats. Some users mention a lack of Indian support but still recommend using Nessus Professional to scan servers as it helps satisfy client demands, find vulnerabilities, and provide application remediation. They advise all professionals in information security, particularly IS teams, to use Nessus Professional. Users caution against generating advanced reports without tailoring single server reports first and suggest checking the reporting aspect thoroughly. To better address risk remediation, users recommend thoroughly reviewing scans and learning each vulnerability. While users appreciate the high performance and functionality of Nessus Professional, they find the default reports insufficient and custom report generation difficult. For performing PCI assessments, users consider Nessus Professional a great product that is easy to implement and use as a good appliance. Some users also recommend using other Tenable products for vulnerability scanning and configuration compliance monitoring. Users propose adding options to identify vulnerability issues by level of importance in Nessus Professional but generally agree that it does a good job finding and identifying vulnerabilities. They suggest using SecurityCenter for easier security management and great reports. Users highlight the need for improved requirements when running authenticated scans and recommend conducting multiple scans to ensure accurate results since false positives can occur at times. Overall, users recommend using Nessus Professional for experienced cybersecurity professionals to identify vulnerabilities in systems.