TrustRadius: an HG Insights company

Tenable Nessus

Score8.8 out of 10

99 Reviews and Ratings

Get a Demo

What is Tenable Nessus?

Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features Tenable Nessus has to offer, as determined by TrustRadius' reviewers.
Based on 99 ratings of Tenable Nessus's features
View all features

Top Performing Features

  • Automated Alerts and Reporting

    Systems in place to automatically alert, report, or notify of issues that may need timely remediation.

    Category average: 8.2

  • Vulnerability Classification

    Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.

    Category average: 8.8

  • Vulnerability Intelligence

    Software that is able to label and store information about vulnerabilities to access for future use cases.

    Category average: 8.3

Areas for Improvement

  • Web Scanning

    Specifically scans webpages for potential threats or vulnerabilities.

    Category average: 7.8

  • Threat Intelligence Reporting

    Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)

    Category average: 7.5

  • Network Analytics

    Analyzes various data reports and logs (DNS, firewall, user data, security information etc.) to identify threats in a network.

    Category average: 7.3

Most Frequent Users

Top 3 industries using Tenable Nessus
Based on HG Insights installation data
View all Reviews
#1 most frequent

Professional, Scientific, and Technical Services

28.2%

2,376 installations of 8,436

#2 most frequent

Information

12.1%

1,021 installations of 8,436

#3 most frequent

Finance and Insurance

12.0%

1,013 installations of 8,436

Reviews

What users are saying about Tenable Nessus.
View all reviews

Reliable and cost effective vulnerability managements with Nessus.

Akhilesh Ghosh
VAPT-Teamlead in Information Technology at Digitaltrack Solutions (501-1000 employees employees)

Use Cases and Deployment Scope

We utilize Nessus as a primary vulnerability assessment tool to identify security weaknesses across organizations. It enables us to perform scheduled scans to comply with requirements and also helps us assess our organization's security posture. We use Nessus to scan our External and internal networks, servers, endpoints, web applications, and configurations to identify risk and compliance gaps.

Pros

  • Highly customizable Scanning.
  • Clear reporting and risk prioritization.
  • Integration capabilities.

Cons

  • Manual remediation tracking.
  • Scan preforming on large network.
  • False positive and context gaps.
  • User management and role based access.

Return on Investment

  • Reduced risk exposure.
  • Improve compliance and audit outcomes
  • Accelerate patch management
  • Require manual remediation tracking
  • Limited advanced threat analytics required

Usability

Alternatives Considered

Qualys VMDR and Rapid7 InsightVM

Other Software Used

Splunk Enterprise Security, ServiceNow IT Service Management, PortSwigger Burp Suite

Great Product.

Phil JacksonView profile
System Admin in Information Technology at a.i. solutions (201-500 employees employees)

Use Cases and Deployment Scope

We use Tenable for vulnerability management for our network and virtual machines. This helps us find configuration issues and software vulnerabilities in the software and hardware that we use. It enables us to run a virtual machine, perform scans to identify out-of-date configurations, and provides steps to resolve issues in our environment.

Pros

  • Shows you how to fix certain vulnerabilities and the commands to run.
  • Gives you the CVEs that the vulnerabilities are matched to.
  • Easy to understand the vulnerabilities list, giving reasons why the issues need to be patched or fixed.

Cons

  • No places of improvement I can find.

Return on Investment

  • It has helped us alleviate holes in our environment that we could not see before.

Usability

Other Software Used

KnowBe4 Security Awareness Training, Absolute Control

Why Nessus is such a great tool

Stephan van der MerweView profile
Cyber Security Analyst in Information Technology at SSMT IT Security (1-10 employees employees)

Use Cases and Deployment Scope

We are an MSSP and use Nessus to conduct vulnerability assessments to our smaller clients who cannot afford the larger products

Pros

  • Vulnerability assessment tool

Cons

  • I love the product only downside is that the reporting can be upgraded to make custom reporting easier

Most Important Features

  • Best Vulnerability scanning engine

Return on Investment

  • Cost effective vulnerability scanner for small companies or consultants

Alternatives Considered

Tenable.io, Tenable.sc, Tenable.cs and Tenable.ad

Other Software Used

Tenable.io, SentinelOne Singularity, Kaspersky Endpoint Security

Tenable Nessus Review

Incentivized
Verified User
Engineer in Information Technology (1001-5000 employees employees)

Use Cases and Deployment Scope

We use Tenable Nessus to scan for vulnerabilities and insecure misconfigurations to improve our security posture. Nessus identifies missing patches and firmware updates and provides basic information on the CVEs to help with remediation. I sleep better at night knowing we are proactively preventing breaches and unauthorized access. It is also valuable tool to achieve compliance and provides evidence for our auditors.

Pros

  • Identifies vulnerabilities and misconfigurations across many platforms.
  • Helps us achieve compliance with our auditors
  • Helps us prioritize remediation based on severity of the CVE/misconfiguration

Cons

  • There are some legacy systems that we are unfortunately not able to patch. There is no way to flag these so they are not in all our reports. We still need to track these but they don't need to be included in the weekly scan every time.
  • The Service Now integration is very complex.
  • We get quite a few false positives, especially when scanning network infrastructure such as siwtches and firewalls.

Return on Investment

  • Tenable Nessus has saved our security team countless hours of manually identifying security weaknesses in our infrastructure.
  • I would like to think that the remediations we have performed based on Tenable Nessus reports has prevented at least one breach of our network. If that is the case, the ROI is basically incalculable but could easily be in the tens of millions of dollars.
  • Tenable Nessus has helped our organization formalize many security practices and processes that keep our business running smoothly.

Usability

Alternatives Considered

Microsoft Defender for Endpoint and CrowdStrike Falcon

Other Software Used

Microsoft Defender for Endpoint, Palo Alto Networks WildFire

Nessus in for auditing infrastructure

Incentivized
Omar Israel Sánchez MonroyView profile
Auditor de Seguridad de la Información in Information Technology at Peñoles (5001-10,000 employees employees)

Pros

  • Vulnerabilities assessment.
  • Configuration file evaluation.
  • Reporting.

Cons

  • Interaction with some other tools like Metasploit.

Return on Investment

  • Preventing attacks.
  • Saving the time of deep analysis.
  • Saves money.

Alternatives Considered

Metasploit

Other Software Used

Frontline Vulnerability Manager, Fortinet FortiGate, Kaspersky Endpoint Security