Secure information of organization, easy recognition of vulnerability and its assessment.
Updated August 14, 2019

Secure information of organization, easy recognition of vulnerability and its assessment.

Sohail Zende | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Nessus

Our company personnel are mostly depending on Nessus for performing vulnerability assessment on servers and Network Devices of clients, most of our clients are banking networks, government bodies looking for securing their networks and compliance in accordance with information security standards. Nessus is very advanced tool for mainly highlighting server's configuration level, software level issues and missing security patches and for network devices it lists any configuration issues, outdated practice or patches required for improvement of information security.
  • With Nessus we can find the missing critical patches for a server or workstations.
  • Nessus points out any vulnerable or outdated software Technologies used in the system, thus eliminating any chances for security flaws being turned up.
  • Nessus typically points any configuration level issues in accordance with the OWASP guidelines. Even the configuration of SSL related which are most of the time handled by some vendors or 3rd parties.
  • Nessus not only lists out these Vulnerabilities but describes clearly the vulnerabilities in details with its thousands of plugins updated regularly, the tool also recommends solution with practical details of easy implementation.
  • The tool has lots of options for setting up before scanning any device, this methodology could be simplified further with default configuration for various devices predefined, anyhow we can use this technique by making use of policies.
  • For advanced users we cannot disable the plugins inside the plugin groups, we can enable the whole set of plugins at a time, for few hundreds its ok, but thousands of plugins are of waste of resource and time.
  • Very positive, infact most of our work is dependent on Nessus tool for consulting best practices to organizations with computer and information technology operations.
Overall Nessus tool is very useful for any organization with involvement of information technology for keeping their Technologies updated to the best level of security and secure thier practices of the same.
Though we didn't needed the support from nessus team directly, but the Nessus community has answers to all our questions or issues faced by us can be easily resolved with proper addressing and understanding in no time.
Nessus is standard vulnerabilities assessment tool, i would recommend for mid or higher level organization to have their personalised tool from Nessus for day to day managing of their network security with continuous improvements.
Nessus is quite suitable foe any network devices like switches, routers, firewalls or proxy, for different servers also the tool is very operable, it has plugins for almost every operating system and managed devices, only thing is before using on to the intended device the tool should be updated which takes much time to compile plugins.

Using Nessus

50 - Network security consulting for various business sectors like banking, egovernance, marketing etc,.
Anyone who has understanding of application installations and system configuration can support for Nessus workflow.
  • Servers internal level configuration issues have been identified and fixed
  • Regular missing patches check being performed
  • Application level issues have been reported, like multiple Vulnerabilities of older version applications
  • We make use of the product for multiple platforms by integrating it into a single VM.
  • We are currently making use of Nessus for almost all types of computer and network devices, to go on further any newer operating systems of linux based develops we'll include those plugins for respective vulnerability Assessment
Nessus is best and easy to use application for Vulnerabilities finding and reporting, it has multiple platforms and wide scope covering almost all devices for security improvement so far, thus we are very likely to continue its services.

Evaluating Nessus and Competitors

  • Price
  • Product Features
  • Product Usability
  • Product Reputation
  • Prior Experience with the Product
  • Analyst Reports
  • Third-party Reviews
The product features are vivid and covers most of our needs during assessment so far, the application usage was also familiar with our organization decision makers.
I would recommend Nessus to use if i started to evaluate again, because of its features and so much of reputation and community vide scope.

Using Nessus

ProsCons
Like to use
Relatively simple
Technical support not required
Well integrated
Quick to learn
Convenient
Feel confident using
Difficult to use
Lots to learn
  • Perform Servers Scan, windows preferably
  • Running automated scans on network devices
  • Some older switches are difficult to configure for credentialed scans
  • Proxy servers credentialed scan takes peculiar configuration knowledge for right scan